Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2021-23425
Vulnerability from cvelistv5
Published
2021-08-18 16:15
Modified
2024-09-16 23:10
Severity ?
EPSS score ?
Summary
All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| report@snyk.io | https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6 | Broken Link, Third Party Advisory | |
| report@snyk.io | https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197 | Exploit, Third Party Advisory | |
| report@snyk.io | https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6 | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | trim-off-newlines |
Version: 0 < unspecified |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:05:56.054Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "trim-off-newlines", vendor: "n/a", versions: [ { lessThan: "unspecified", status: "affected", version: "0", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Robert McLaughlin", }, ], datePublic: "2021-08-18T00:00:00", descriptions: [ { lang: "en", value: "All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitCodeMaturity: "PROOF_OF_CONCEPT", integrityImpact: "NONE", privilegesRequired: "NONE", remediationLevel: "NOT_DEFINED", reportConfidence: "NOT_DEFINED", scope: "UNCHANGED", temporalScore: 5, temporalSeverity: "MEDIUM", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Regular Expression Denial of Service (ReDoS)", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-18T16:15:11", orgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", shortName: "snyk", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", }, { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6", }, ], title: "Regular Expression Denial of Service (ReDoS)", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "report@snyk.io", DATE_PUBLIC: "2021-08-18T16:13:04.966419Z", ID: "CVE-2021-23425", STATE: "PUBLIC", TITLE: "Regular Expression Denial of Service (ReDoS)", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "trim-off-newlines", version: { version_data: [ { version_affected: ">=", version_value: "0", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, credit: [ { lang: "eng", value: "Robert McLaughlin", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Regular Expression Denial of Service (ReDoS)", }, ], }, ], }, references: { reference_data: [ { name: "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", }, { name: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197", }, { name: "https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6", refsource: "MISC", url: "https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", assignerShortName: "snyk", cveId: "CVE-2021-23425", datePublished: "2021-08-18T16:15:11.284445Z", dateReserved: "2021-01-08T00:00:00", dateUpdated: "2024-09-16T23:10:48.912Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trim-off-newlines_project:trim-off-newlines:*:*:*:*:*:node.js:*:*\", \"versionEndExcluding\": \"1.0.3\", \"matchCriteriaId\": \"89A54D9C-B594-448A-A447-66B2F4DFB397\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.\"}, {\"lang\": \"es\", \"value\": \"Todas las versiones del paquete trim-off-newlines son vulnerables a una Denegaci\\u00f3n de Servicio por Expresi\\u00f3n Regular (ReDoS) por medio de procesamiento de cadenas.\"}]", id: "CVE-2021-23425", lastModified: "2024-11-21T05:51:44.157", metrics: "{\"cvssMetricV31\": [{\"source\": \"report@snyk.io\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2021-08-18T17:15:08.067", references: "[{\"url\": \"https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6\", \"source\": \"report@snyk.io\", \"tags\": [\"Broken Link\", \"Third Party Advisory\"]}, {\"url\": \"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197\", \"source\": \"report@snyk.io\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850\", \"source\": \"report@snyk.io\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\"]}, {\"url\": \"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]", sourceIdentifier: "report@snyk.io", vulnStatus: "Modified", weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2021-23425\",\"sourceIdentifier\":\"report@snyk.io\",\"published\":\"2021-08-18T17:15:08.067\",\"lastModified\":\"2024-11-21T05:51:44.157\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.\"},{\"lang\":\"es\",\"value\":\"Todas las versiones del paquete trim-off-newlines son vulnerables a una Denegación de Servicio por Expresión Regular (ReDoS) por medio de procesamiento de cadenas.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"report@snyk.io\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trim-off-newlines_project:trim-off-newlines:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"1.0.3\",\"matchCriteriaId\":\"89A54D9C-B594-448A-A447-66B2F4DFB397\"}]}]}],\"references\":[{\"url\":\"https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6\",\"source\":\"report@snyk.io\",\"tags\":[\"Broken Link\",\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197\",\"source\":\"report@snyk.io\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850\",\"source\":\"report@snyk.io\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}", }, }
gsd-2021-23425
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.
Aliases
Aliases
{ GSD: { alias: "CVE-2021-23425", description: "All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.", id: "GSD-2021-23425", references: [ "https://access.redhat.com/errata/RHSA-2022:4711", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2021-23425", ], details: "All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.", id: "GSD-2021-23425", modified: "2023-12-13T01:23:29.923568Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "report@snyk.io", DATE_PUBLIC: "2021-08-18T16:13:04.966419Z", ID: "CVE-2021-23425", STATE: "PUBLIC", TITLE: "Regular Expression Denial of Service (ReDoS)", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "trim-off-newlines", version: { version_data: [ { version_affected: ">=", version_value: "0", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, credit: [ { lang: "eng", value: "Robert McLaughlin", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Regular Expression Denial of Service (ReDoS)", }, ], }, ], }, references: { reference_data: [ { name: "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", }, { name: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197", }, { name: "https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6", refsource: "MISC", url: "https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6", }, ], }, }, "gitlab.com": { advisories: [ { affected_range: "<1.0.3", affected_versions: "All versions before 1.0.3", cvss_v2: "AV:N/AC:L/Au:N/C:N/I:N/A:P", cvss_v3: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", cwe_ids: [ "CWE-1035", "CWE-937", ], date: "2022-01-18", description: "All versions of package trim-off-newlines is vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.", fixed_versions: [ "1.0.3", ], identifier: "CVE-2021-23425", identifiers: [ "CVE-2021-23425", ], not_impacted: "All versions starting from 1.0.3", package_slug: "npm/trim-off-newlines", pubdate: "2021-08-18", solution: "Upgrade to version 1.0.3 or above.", title: "Uncontrolled Resource Consumption", urls: [ "https://nvd.nist.gov/vuln/detail/CVE-2021-23425", ], uuid: "3f59bb69-b82c-42f3-9ba3-06f363b4dbcc", }, ], }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:trim-off-newlines_project:trim-off-newlines:*:*:*:*:*:node.js:*:*", cpe_name: [], versionEndExcluding: "1.0.3", vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "report@snyk.io", ID: "CVE-2021-23425", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], }, ], }, references: { reference_data: [ { name: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197", refsource: "MISC", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197", }, { name: "https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6", refsource: "MISC", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6", }, { name: "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", refsource: "MISC", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, }, }, lastModifiedDate: "2022-01-18T17:33Z", publishedDate: "2021-08-18T17:15Z", }, }, }
fkie_cve-2021-23425
Vulnerability from fkie_nvd
Published
2021-08-18 17:15
Modified
2024-11-21 05:51
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| report@snyk.io | https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6 | Broken Link, Third Party Advisory | |
| report@snyk.io | https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197 | Exploit, Third Party Advisory | |
| report@snyk.io | https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6 | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trim-off-newlines_project | trim-off-newlines | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:trim-off-newlines_project:trim-off-newlines:*:*:*:*:*:node.js:*:*", matchCriteriaId: "89A54D9C-B594-448A-A447-66B2F4DFB397", versionEndExcluding: "1.0.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.", }, { lang: "es", value: "Todas las versiones del paquete trim-off-newlines son vulnerables a una Denegación de Servicio por Expresión Regular (ReDoS) por medio de procesamiento de cadenas.", }, ], id: "CVE-2021-23425", lastModified: "2024-11-21T05:51:44.157", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "report@snyk.io", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-18T17:15:08.067", references: [ { source: "report@snyk.io", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", }, ], sourceIdentifier: "report@snyk.io", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
RHSA-2022:4711
Vulnerability from csaf_redhat
Published
2022-05-26 16:25
Modified
2025-03-20 12:48
Summary
Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update
Notes
Topic
Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.
Security Fix(es):
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* nodejs-trim-off-newlines: ReDoS via string processing (CVE-2021-23425)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* jquery-ui: XSS in the altField option of the datepicker widget (CVE-2021-41182)
* jquery-ui: XSS in *Text options of the datepicker widget (CVE-2021-41183)
* jquery-ui: XSS in the 'of' option of the .position() util (CVE-2021-41184)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
A list of bugs fixed in this update is available in the Technical Notes book:
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.\n\nSecurity Fix(es):\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* nodejs-trim-off-newlines: ReDoS via string processing (CVE-2021-23425)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* jquery-ui: XSS in the altField option of the datepicker widget (CVE-2021-41182)\n\n* jquery-ui: XSS in *Text options of the datepicker widget (CVE-2021-41183)\n\n* jquery-ui: XSS in the 'of' option of the .position() util (CVE-2021-41184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nA list of bugs fixed in this update is available in the Technical Notes book:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2022:4711", url: "https://access.redhat.com/errata/RHSA-2022:4711", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes", url: "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes", }, { category: "external", summary: "655153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=655153", }, { category: "external", summary: "977778", url: "https://bugzilla.redhat.com/show_bug.cgi?id=977778", }, { category: "external", summary: "1624015", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1624015", }, { category: "external", summary: "1648985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1648985", }, { category: "external", summary: "1667517", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667517", }, { category: "external", summary: "1687845", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1687845", }, { category: "external", summary: "1781241", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1781241", }, { category: "external", summary: "1782056", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1782056", }, { category: "external", summary: "1849169", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1849169", }, { category: "external", summary: "1878930", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1878930", }, { category: "external", summary: "1922977", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1922977", }, { category: "external", summary: "1926625", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1926625", }, { category: "external", summary: "1927985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1927985", }, { category: "external", summary: "1944290", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1944290", }, { category: "external", summary: "1944834", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1944834", }, { category: "external", summary: "1956295", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1956295", }, { category: "external", summary: "1959186", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1959186", }, { category: "external", summary: "1964208", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1964208", }, { category: "external", summary: "1964461", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1964461", }, { category: "external", summary: "1971622", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1971622", }, { category: "external", summary: "1974741", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1974741", }, { category: "external", summary: "1979441", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1979441", }, { category: "external", summary: "1979797", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1979797", }, { category: "external", summary: "1980192", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1980192", }, { category: "external", summary: "1986726", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1986726", }, { category: "external", summary: "1986834", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1986834", }, { category: "external", summary: "1987121", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1987121", }, { category: "external", summary: "1988496", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1988496", }, { category: "external", summary: "1990462", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1990462", }, { category: "external", summary: "1991240", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1991240", }, { category: "external", summary: "1995793", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1995793", }, { category: "external", summary: "1996123", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1996123", }, { category: "external", summary: "1998255", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1998255", }, { category: "external", summary: "1999698", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1999698", }, { category: "external", summary: "2000031", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2000031", }, { category: "external", summary: "2002283", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2002283", }, { category: "external", summary: "2003883", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2003883", }, { category: "external", summary: "2003996", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2003996", }, { category: "external", summary: "2006602", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2006602", }, { category: "external", summary: "2006745", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2006745", }, { category: "external", summary: "2007384", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2007384", }, { category: "external", summary: "2007557", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2007557", }, { category: "external", summary: "2008798", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2008798", }, { category: "external", summary: "2010203", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2010203", }, { category: "external", summary: "2010903", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2010903", }, { category: "external", summary: "2013928", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2013928", }, { category: "external", summary: "2014888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2014888", }, { category: "external", summary: "2015796", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2015796", }, { category: "external", summary: "2019144", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019144", }, { category: "external", summary: "2019148", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019148", }, { category: "external", summary: "2019153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019153", }, { category: "external", summary: "2021217", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2021217", }, { category: "external", summary: "2023250", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2023250", }, { category: "external", summary: "2023786", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2023786", }, { category: "external", summary: "2024202", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2024202", }, { category: "external", summary: "2025936", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2025936", }, { category: "external", summary: "2030596", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2030596", }, { category: "external", summary: "2030663", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2030663", }, { category: "external", summary: "2031027", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2031027", }, { category: "external", summary: "2035051", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2035051", }, { category: "external", summary: "2037115", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2037115", }, { category: "external", summary: "2037121", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2037121", }, { category: "external", summary: "2040361", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2040361", }, { category: "external", summary: "2040402", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2040402", }, { category: "external", summary: "2040474", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2040474", }, { category: "external", summary: "2041544", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2041544", }, { category: "external", summary: "2043146", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2043146", }, { category: "external", summary: "2044273", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044273", }, { category: "external", summary: "2048546", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2048546", }, { category: "external", summary: "2050566", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2050566", }, { category: "external", summary: "2050614", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2050614", }, { category: "external", summary: "2051857", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2051857", }, { category: "external", summary: "2052557", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2052557", }, { category: "external", summary: "2052690", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2052690", }, { category: "external", summary: "2054756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2054756", }, { category: "external", summary: "2055136", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2055136", }, { category: "external", summary: "2056021", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2056021", }, { category: "external", summary: "2056052", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2056052", }, { category: "external", summary: "2056126", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2056126", }, { category: "external", summary: "2058264", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2058264", }, { category: "external", summary: "2059521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2059521", }, { category: "external", summary: "2059877", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2059877", }, { category: "external", summary: "2061904", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2061904", }, { category: "external", summary: "2065052", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2065052", }, { category: "external", summary: "2066084", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2066084", }, { category: "external", summary: "2066283", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2066283", }, { category: "external", summary: "2069972", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2069972", }, { category: "external", summary: "2070156", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2070156", }, { category: "external", summary: "2071468", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2071468", }, { category: "external", summary: "2072637", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072637", }, { category: "external", summary: "2072639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072639", }, { category: "external", summary: "2072641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072641", }, { category: "external", summary: "2072642", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072642", }, { category: "external", summary: "2072645", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072645", }, { category: "external", summary: "2072646", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072646", }, { category: "external", summary: "2075352", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2075352", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4711.json", }, ], title: "Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update", tracking: { current_release_date: "2025-03-20T12:48:53+00:00", generator: { date: "2025-03-20T12:48:53+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2022:4711", initial_release_date: "2022-05-26T16:25:03+00:00", revision_history: [ { date: "2022-05-26T16:25:03+00:00", number: "1", summary: "Initial version", }, { date: "2022-05-26T16:25:03+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-20T12:48:53+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product: { name: "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4", product_identification_helper: { cpe: "cpe:/a:redhat:rhev_manager:4.4:el8", }, }, }, ], category: "product_family", name: "Red Hat Virtualization", }, { branches: [ { category: "product_version", name: "ovirt-dependencies-0:4.5.1-1.el8ev.src", product: { name: "ovirt-dependencies-0:4.5.1-1.el8ev.src", product_id: "ovirt-dependencies-0:4.5.1-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-dependencies@4.5.1-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-log-collector-0:4.4.5-1.el8ev.src", product: { name: "ovirt-log-collector-0:4.4.5-1.el8ev.src", product_id: "ovirt-log-collector-0:4.4.5-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-log-collector@4.4.5-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", product: { name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", product_id: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.13-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "engine-db-query-0:1.6.4-1.el8ev.src", product: { name: "engine-db-query-0:1.6.4-1.el8ev.src", product_id: "engine-db-query-0:1.6.4-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/engine-db-query@1.6.4-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", product: { name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", product_id: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-jsonrpc-java@1.7.1-2.el8ev?arch=src", }, }, }, { category: "product_version", name: "apache-sshd-1:2.8.0-0.1.el8ev.src", product: { name: "apache-sshd-1:2.8.0-0.1.el8ev.src", product_id: "apache-sshd-1:2.8.0-0.1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/apache-sshd@2.8.0-0.1.el8ev?arch=src&epoch=1", }, }, }, { category: "product_version", name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.src", product: { name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.src", product_id: "rhvm-setup-plugins-0:4.5.0-2.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/rhvm-setup-plugins@4.5.0-2.el8ev?arch=src", }, }, }, { category: "product_version", name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.src", product: { name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.src", product_id: "rhvm-branding-rhv-0:4.4.11-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/rhvm-branding-rhv@4.4.11-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.src", product: { name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.src", product_id: "ovirt-engine-dwh-0:4.5.2-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-dwh@4.5.2-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-web-ui-0:1.8.1-2.el8ev.src", product: { name: "ovirt-web-ui-0:1.8.1-2.el8ev.src", product_id: "ovirt-web-ui-0:1.8.1-2.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-web-ui@1.8.1-2.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.src", product: { name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.src", product_id: "ovirt-engine-metrics-0:1.6.0-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-metrics@1.6.0-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ansible-runner-0:2.1.3-1.el8ev.src", product: { name: "ansible-runner-0:2.1.3-1.el8ev.src", product_id: "ansible-runner-0:2.1.3-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-runner@2.1.3-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", product: { name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", product_id: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.3-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.src", product: { name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.src", product_id: "ovirt-engine-0:4.5.0.7-0.9.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine@4.5.0.7-0.9.el8ev?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ovirt-dependencies-0:4.5.1-1.el8ev.noarch", product: { name: "ovirt-dependencies-0:4.5.1-1.el8ev.noarch", product_id: "ovirt-dependencies-0:4.5.1-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-dependencies@4.5.1-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-log-collector-0:4.4.5-1.el8ev.noarch", product: { name: "ovirt-log-collector-0:4.4.5-1.el8ev.noarch", product_id: "ovirt-log-collector-0:4.4.5-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-log-collector@4.4.5-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", product: { name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", product_id: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.13-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "engine-db-query-0:1.6.4-1.el8ev.noarch", product: { name: "engine-db-query-0:1.6.4-1.el8ev.noarch", product_id: "engine-db-query-0:1.6.4-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/engine-db-query@1.6.4-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", product: { name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", product_id: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-jsonrpc-java@1.7.1-2.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", product: { name: "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", product_id: "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-jsonrpc-java-javadoc@1.7.1-2.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "apache-sshd-1:2.8.0-0.1.el8ev.noarch", product: { name: "apache-sshd-1:2.8.0-0.1.el8ev.noarch", product_id: "apache-sshd-1:2.8.0-0.1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/apache-sshd@2.8.0-0.1.el8ev?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", product: { name: "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", product_id: "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/apache-sshd-javadoc@2.8.0-0.1.el8ev?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", product: { name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", product_id: "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rhvm-setup-plugins@4.5.0-2.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", product: { name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", product_id: "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rhvm-branding-rhv@4.4.11-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", product: { name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", product_id: "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-dwh@4.5.2-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", product: { name: "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", product_id: "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-dwh-grafana-integration-setup@4.5.2-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", product: { name: "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", product_id: "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-dwh-setup@4.5.2-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-web-ui-0:1.8.1-2.el8ev.noarch", product: { name: "ovirt-web-ui-0:1.8.1-2.el8ev.noarch", product_id: "ovirt-web-ui-0:1.8.1-2.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-web-ui@1.8.1-2.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", product: { name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", product_id: "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-metrics@1.6.0-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ansible-runner-0:2.1.3-1.el8ev.noarch", product: { name: "ansible-runner-0:2.1.3-1.el8ev.noarch", product_id: "ansible-runner-0:2.1.3-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-runner@2.1.3-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "python38-ansible-runner-0:2.1.3-1.el8ev.noarch", product: { name: "python38-ansible-runner-0:2.1.3-1.el8ev.noarch", product_id: "python38-ansible-runner-0:2.1.3-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python38-ansible-runner@2.1.3-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", product: { name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", product_id: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.3-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-backend@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-dbscripts@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-health-check-bundler@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-restapi@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-base@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-imageio@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-tools@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-tools-backup@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-webadmin-portal@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-websocket-proxy@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", product_id: "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3-ovirt-engine-lib@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "rhvm-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "rhvm-0:4.5.0.7-0.9.el8ev.noarch", product_id: "rhvm-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rhvm@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "python38-docutils-0:0.14-12.4.el8ev.noarch", product: { name: "python38-docutils-0:0.14-12.4.el8ev.noarch", product_id: "python38-docutils-0:0.14-12.4.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python38-docutils@0.14-12.4.el8ev?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-runner-0:2.1.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", }, product_reference: "ansible-runner-0:2.1.3-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ansible-runner-0:2.1.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", }, product_reference: "ansible-runner-0:2.1.3-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "apache-sshd-1:2.8.0-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", }, product_reference: "apache-sshd-1:2.8.0-0.1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "apache-sshd-1:2.8.0-0.1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", }, product_reference: "apache-sshd-1:2.8.0-0.1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", }, product_reference: "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "engine-db-query-0:1.6.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", }, product_reference: "engine-db-query-0:1.6.4-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "engine-db-query-0:1.6.4-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", }, product_reference: "engine-db-query-0:1.6.4-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-dependencies-0:4.5.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", }, product_reference: "ovirt-dependencies-0:4.5.1-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-dependencies-0:4.5.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", }, product_reference: "ovirt-dependencies-0:4.5.1-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", }, product_reference: "ovirt-engine-0:4.5.0.7-0.9.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", }, product_reference: "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", }, product_reference: "ovirt-engine-dwh-0:4.5.2-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", }, product_reference: "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", }, product_reference: "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", }, product_reference: "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", }, product_reference: "ovirt-engine-metrics-0:1.6.0-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", }, product_reference: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", }, product_reference: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-log-collector-0:4.4.5-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", }, product_reference: "ovirt-log-collector-0:4.4.5-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-log-collector-0:4.4.5-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", }, product_reference: "ovirt-log-collector-0:4.4.5-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-web-ui-0:1.8.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", }, product_reference: "ovirt-web-ui-0:1.8.1-2.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-web-ui-0:1.8.1-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", }, product_reference: "ovirt-web-ui-0:1.8.1-2.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python38-ansible-runner-0:2.1.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", }, product_reference: "python38-ansible-runner-0:2.1.3-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python38-docutils-0:0.14-12.4.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", }, product_reference: "python38-docutils-0:0.14-12.4.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", }, product_reference: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", }, product_reference: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhvm-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "rhvm-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", }, product_reference: "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", }, product_reference: "rhvm-branding-rhv-0:4.4.11-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", }, product_reference: "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", }, product_reference: "rhvm-setup-plugins-0:4.5.0-2.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", }, product_reference: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", }, product_reference: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", }, product_reference: "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, ], }, vulnerabilities: [ { cve: "CVE-2021-3807", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-09-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2007557", }, ], notes: [ { category: "description", text: "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes", title: "Vulnerability summary", }, { category: "other", text: "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as 'will not fix'.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-3807", }, { category: "external", summary: "RHBZ#2007557", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2007557", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-3807", url: "https://www.cve.org/CVERecord?id=CVE-2021-3807", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-3807", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-3807", }, { category: "external", summary: "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994", url: "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994", }, ], release_date: "2021-09-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes", }, { cve: "CVE-2021-23425", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-08-18T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1995793", }, ], notes: [ { category: "description", text: "A flaw was found in nodejs-trim-off-newlines. All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-trim-off-newlines: ReDoS via string processing", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat Directory Server 11 Web UI requires trim-off-newlines as a dependency, but it is not used in the 389-ds cockpit plugin, and not shipped as part of the RPM binary. Thus Red Hat Directory Server 11 is not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-23425", }, { category: "external", summary: "RHBZ#1995793", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1995793", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-23425", url: "https://www.cve.org/CVERecord?id=CVE-2021-23425", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-23425", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-23425", }, { category: "external", summary: "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", url: "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", }, ], release_date: "2021-05-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-trim-off-newlines: ReDoS via string processing", }, { cve: "CVE-2021-33502", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-05-24T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1964461", }, ], notes: [ { category: "description", text: "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-normalize-url: ReDoS for data URLs", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-33502", }, { category: "external", summary: "RHBZ#1964461", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1964461", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-33502", url: "https://www.cve.org/CVERecord?id=CVE-2021-33502", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-33502", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-33502", }, { category: "external", summary: "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539", url: "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539", }, ], release_date: "2021-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-normalize-url: ReDoS for data URLs", }, { cve: "CVE-2021-41182", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2021-10-26T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2019144", }, ], notes: [ { category: "description", text: "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.", title: "Vulnerability description", }, { category: "summary", text: "jquery-ui: XSS in the altField option of the datepicker widget", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-41182", }, { category: "external", summary: "RHBZ#2019144", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019144", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-41182", url: "https://www.cve.org/CVERecord?id=CVE-2021-41182", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-41182", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-41182", }, ], release_date: "2021-10-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery-ui: XSS in the altField option of the datepicker widget", }, { cve: "CVE-2021-41183", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2021-10-26T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2019148", }, ], notes: [ { category: "description", text: "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.", title: "Vulnerability description", }, { category: "summary", text: "jquery-ui: XSS in *Text options of the datepicker widget", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-41183", }, { category: "external", summary: "RHBZ#2019148", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019148", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-41183", url: "https://www.cve.org/CVERecord?id=CVE-2021-41183", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-41183", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-41183", }, ], release_date: "2021-10-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery-ui: XSS in *Text options of the datepicker widget", }, { cve: "CVE-2021-41184", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2021-10-26T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2019153", }, ], notes: [ { category: "description", text: "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.", title: "Vulnerability description", }, { category: "summary", text: "jquery-ui: XSS in the 'of' option of the .position() util", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-41184", }, { category: "external", summary: "RHBZ#2019153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-41184", url: "https://www.cve.org/CVERecord?id=CVE-2021-41184", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-41184", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-41184", }, ], release_date: "2021-10-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery-ui: XSS in the 'of' option of the .position() util", }, ], }
rhsa-2022:4711
Vulnerability from csaf_redhat
Published
2022-05-26 16:25
Modified
2025-03-20 12:48
Summary
Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update
Notes
Topic
Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.
Security Fix(es):
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* nodejs-trim-off-newlines: ReDoS via string processing (CVE-2021-23425)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* jquery-ui: XSS in the altField option of the datepicker widget (CVE-2021-41182)
* jquery-ui: XSS in *Text options of the datepicker widget (CVE-2021-41183)
* jquery-ui: XSS in the 'of' option of the .position() util (CVE-2021-41184)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
A list of bugs fixed in this update is available in the Technical Notes book:
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.\n\nSecurity Fix(es):\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* nodejs-trim-off-newlines: ReDoS via string processing (CVE-2021-23425)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* jquery-ui: XSS in the altField option of the datepicker widget (CVE-2021-41182)\n\n* jquery-ui: XSS in *Text options of the datepicker widget (CVE-2021-41183)\n\n* jquery-ui: XSS in the 'of' option of the .position() util (CVE-2021-41184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nA list of bugs fixed in this update is available in the Technical Notes book:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2022:4711", url: "https://access.redhat.com/errata/RHSA-2022:4711", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes", url: "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes", }, { category: "external", summary: "655153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=655153", }, { category: "external", summary: "977778", url: "https://bugzilla.redhat.com/show_bug.cgi?id=977778", }, { category: "external", summary: "1624015", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1624015", }, { category: "external", summary: "1648985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1648985", }, { category: "external", summary: "1667517", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667517", }, { category: "external", summary: "1687845", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1687845", }, { category: "external", summary: "1781241", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1781241", }, { category: "external", summary: "1782056", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1782056", }, { category: "external", summary: "1849169", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1849169", }, { category: "external", summary: "1878930", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1878930", }, { category: "external", summary: "1922977", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1922977", }, { category: "external", summary: "1926625", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1926625", }, { category: "external", summary: "1927985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1927985", }, { category: "external", summary: "1944290", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1944290", }, { category: "external", summary: "1944834", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1944834", }, { category: "external", summary: "1956295", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1956295", }, { category: "external", summary: "1959186", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1959186", }, { category: "external", summary: "1964208", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1964208", }, { category: "external", summary: "1964461", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1964461", }, { category: "external", summary: "1971622", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1971622", }, { category: "external", summary: "1974741", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1974741", }, { category: "external", summary: "1979441", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1979441", }, { category: "external", summary: "1979797", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1979797", }, { category: "external", summary: "1980192", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1980192", }, { category: "external", summary: "1986726", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1986726", }, { category: "external", summary: "1986834", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1986834", }, { category: "external", summary: "1987121", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1987121", }, { category: "external", summary: "1988496", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1988496", }, { category: "external", summary: "1990462", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1990462", }, { category: "external", summary: "1991240", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1991240", }, { category: "external", summary: "1995793", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1995793", }, { category: "external", summary: "1996123", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1996123", }, { category: "external", summary: "1998255", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1998255", }, { category: "external", summary: "1999698", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1999698", }, { category: "external", summary: "2000031", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2000031", }, { category: "external", summary: "2002283", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2002283", }, { category: "external", summary: "2003883", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2003883", }, { category: "external", summary: "2003996", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2003996", }, { category: "external", summary: "2006602", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2006602", }, { category: "external", summary: "2006745", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2006745", }, { category: "external", summary: "2007384", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2007384", }, { category: "external", summary: "2007557", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2007557", }, { category: "external", summary: "2008798", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2008798", }, { category: "external", summary: "2010203", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2010203", }, { category: "external", summary: "2010903", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2010903", }, { category: "external", summary: "2013928", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2013928", }, { category: "external", summary: "2014888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2014888", }, { category: "external", summary: "2015796", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2015796", }, { category: "external", summary: "2019144", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019144", }, { category: "external", summary: "2019148", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019148", }, { category: "external", summary: "2019153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019153", }, { category: "external", summary: "2021217", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2021217", }, { category: "external", summary: "2023250", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2023250", }, { category: "external", summary: "2023786", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2023786", }, { category: "external", summary: "2024202", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2024202", }, { category: "external", summary: "2025936", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2025936", }, { category: "external", summary: "2030596", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2030596", }, { category: "external", summary: "2030663", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2030663", }, { category: "external", summary: "2031027", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2031027", }, { category: "external", summary: "2035051", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2035051", }, { category: "external", summary: "2037115", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2037115", }, { category: "external", summary: "2037121", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2037121", }, { category: "external", summary: "2040361", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2040361", }, { category: "external", summary: "2040402", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2040402", }, { category: "external", summary: "2040474", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2040474", }, { category: "external", summary: "2041544", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2041544", }, { category: "external", summary: "2043146", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2043146", }, { category: "external", summary: "2044273", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044273", }, { category: "external", summary: "2048546", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2048546", }, { category: "external", summary: "2050566", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2050566", }, { category: "external", summary: "2050614", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2050614", }, { category: "external", summary: "2051857", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2051857", }, { category: "external", summary: "2052557", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2052557", }, { category: "external", summary: "2052690", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2052690", }, { category: "external", summary: "2054756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2054756", }, { category: "external", summary: "2055136", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2055136", }, { category: "external", summary: "2056021", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2056021", }, { category: "external", summary: "2056052", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2056052", }, { category: "external", summary: "2056126", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2056126", }, { category: "external", summary: "2058264", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2058264", }, { category: "external", summary: "2059521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2059521", }, { category: "external", summary: "2059877", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2059877", }, { category: "external", summary: "2061904", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2061904", }, { category: "external", summary: "2065052", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2065052", }, { category: "external", summary: "2066084", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2066084", }, { category: "external", summary: "2066283", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2066283", }, { category: "external", summary: "2069972", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2069972", }, { category: "external", summary: "2070156", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2070156", }, { category: "external", summary: "2071468", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2071468", }, { category: "external", summary: "2072637", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072637", }, { category: "external", summary: "2072639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072639", }, { category: "external", summary: "2072641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072641", }, { category: "external", summary: "2072642", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072642", }, { category: "external", summary: "2072645", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072645", }, { category: "external", summary: "2072646", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072646", }, { category: "external", summary: "2075352", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2075352", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4711.json", }, ], title: "Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update", tracking: { current_release_date: "2025-03-20T12:48:53+00:00", generator: { date: "2025-03-20T12:48:53+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2022:4711", initial_release_date: "2022-05-26T16:25:03+00:00", revision_history: [ { date: "2022-05-26T16:25:03+00:00", number: "1", summary: "Initial version", }, { date: "2022-05-26T16:25:03+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-20T12:48:53+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product: { name: "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4", product_identification_helper: { cpe: "cpe:/a:redhat:rhev_manager:4.4:el8", }, }, }, ], category: "product_family", name: "Red Hat Virtualization", }, { branches: [ { category: "product_version", name: "ovirt-dependencies-0:4.5.1-1.el8ev.src", product: { name: "ovirt-dependencies-0:4.5.1-1.el8ev.src", product_id: "ovirt-dependencies-0:4.5.1-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-dependencies@4.5.1-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-log-collector-0:4.4.5-1.el8ev.src", product: { name: "ovirt-log-collector-0:4.4.5-1.el8ev.src", product_id: "ovirt-log-collector-0:4.4.5-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-log-collector@4.4.5-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", product: { name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", product_id: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.13-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "engine-db-query-0:1.6.4-1.el8ev.src", product: { name: "engine-db-query-0:1.6.4-1.el8ev.src", product_id: "engine-db-query-0:1.6.4-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/engine-db-query@1.6.4-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", product: { name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", product_id: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-jsonrpc-java@1.7.1-2.el8ev?arch=src", }, }, }, { category: "product_version", name: "apache-sshd-1:2.8.0-0.1.el8ev.src", product: { name: "apache-sshd-1:2.8.0-0.1.el8ev.src", product_id: "apache-sshd-1:2.8.0-0.1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/apache-sshd@2.8.0-0.1.el8ev?arch=src&epoch=1", }, }, }, { category: "product_version", name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.src", product: { name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.src", product_id: "rhvm-setup-plugins-0:4.5.0-2.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/rhvm-setup-plugins@4.5.0-2.el8ev?arch=src", }, }, }, { category: "product_version", name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.src", product: { name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.src", product_id: "rhvm-branding-rhv-0:4.4.11-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/rhvm-branding-rhv@4.4.11-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.src", product: { name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.src", product_id: "ovirt-engine-dwh-0:4.5.2-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-dwh@4.5.2-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-web-ui-0:1.8.1-2.el8ev.src", product: { name: "ovirt-web-ui-0:1.8.1-2.el8ev.src", product_id: "ovirt-web-ui-0:1.8.1-2.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-web-ui@1.8.1-2.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.src", product: { name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.src", product_id: "ovirt-engine-metrics-0:1.6.0-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-metrics@1.6.0-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ansible-runner-0:2.1.3-1.el8ev.src", product: { name: "ansible-runner-0:2.1.3-1.el8ev.src", product_id: "ansible-runner-0:2.1.3-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-runner@2.1.3-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", product: { name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", product_id: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.3-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.src", product: { name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.src", product_id: "ovirt-engine-0:4.5.0.7-0.9.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine@4.5.0.7-0.9.el8ev?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ovirt-dependencies-0:4.5.1-1.el8ev.noarch", product: { name: "ovirt-dependencies-0:4.5.1-1.el8ev.noarch", product_id: "ovirt-dependencies-0:4.5.1-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-dependencies@4.5.1-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-log-collector-0:4.4.5-1.el8ev.noarch", product: { name: "ovirt-log-collector-0:4.4.5-1.el8ev.noarch", product_id: "ovirt-log-collector-0:4.4.5-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-log-collector@4.4.5-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", product: { name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", product_id: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.13-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "engine-db-query-0:1.6.4-1.el8ev.noarch", product: { name: "engine-db-query-0:1.6.4-1.el8ev.noarch", product_id: "engine-db-query-0:1.6.4-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/engine-db-query@1.6.4-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", product: { name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", product_id: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-jsonrpc-java@1.7.1-2.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", product: { name: "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", product_id: "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-jsonrpc-java-javadoc@1.7.1-2.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "apache-sshd-1:2.8.0-0.1.el8ev.noarch", product: { name: "apache-sshd-1:2.8.0-0.1.el8ev.noarch", product_id: "apache-sshd-1:2.8.0-0.1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/apache-sshd@2.8.0-0.1.el8ev?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", product: { name: "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", product_id: "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/apache-sshd-javadoc@2.8.0-0.1.el8ev?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", product: { name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", product_id: "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rhvm-setup-plugins@4.5.0-2.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", product: { name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", product_id: "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rhvm-branding-rhv@4.4.11-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", product: { name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", product_id: "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-dwh@4.5.2-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", product: { name: "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", product_id: "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-dwh-grafana-integration-setup@4.5.2-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", product: { name: "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", product_id: "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-dwh-setup@4.5.2-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-web-ui-0:1.8.1-2.el8ev.noarch", product: { name: "ovirt-web-ui-0:1.8.1-2.el8ev.noarch", product_id: "ovirt-web-ui-0:1.8.1-2.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-web-ui@1.8.1-2.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", product: { name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", product_id: "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-metrics@1.6.0-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ansible-runner-0:2.1.3-1.el8ev.noarch", product: { name: "ansible-runner-0:2.1.3-1.el8ev.noarch", product_id: "ansible-runner-0:2.1.3-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-runner@2.1.3-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "python38-ansible-runner-0:2.1.3-1.el8ev.noarch", product: { name: "python38-ansible-runner-0:2.1.3-1.el8ev.noarch", product_id: "python38-ansible-runner-0:2.1.3-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python38-ansible-runner@2.1.3-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", product: { name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", product_id: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.3-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-backend@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-dbscripts@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-health-check-bundler@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-restapi@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-base@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-imageio@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-tools@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-tools-backup@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-webadmin-portal@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-websocket-proxy@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", product_id: "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3-ovirt-engine-lib@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "rhvm-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "rhvm-0:4.5.0.7-0.9.el8ev.noarch", product_id: "rhvm-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rhvm@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "python38-docutils-0:0.14-12.4.el8ev.noarch", product: { name: "python38-docutils-0:0.14-12.4.el8ev.noarch", product_id: "python38-docutils-0:0.14-12.4.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python38-docutils@0.14-12.4.el8ev?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-runner-0:2.1.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", }, product_reference: "ansible-runner-0:2.1.3-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ansible-runner-0:2.1.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", }, product_reference: "ansible-runner-0:2.1.3-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "apache-sshd-1:2.8.0-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", }, product_reference: "apache-sshd-1:2.8.0-0.1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "apache-sshd-1:2.8.0-0.1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", }, product_reference: "apache-sshd-1:2.8.0-0.1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", }, product_reference: "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "engine-db-query-0:1.6.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", }, product_reference: "engine-db-query-0:1.6.4-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "engine-db-query-0:1.6.4-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", }, product_reference: "engine-db-query-0:1.6.4-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-dependencies-0:4.5.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", }, product_reference: "ovirt-dependencies-0:4.5.1-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-dependencies-0:4.5.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", }, product_reference: "ovirt-dependencies-0:4.5.1-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", }, product_reference: "ovirt-engine-0:4.5.0.7-0.9.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", }, product_reference: "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", }, product_reference: "ovirt-engine-dwh-0:4.5.2-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", }, product_reference: "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", }, product_reference: "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", }, product_reference: "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", }, product_reference: "ovirt-engine-metrics-0:1.6.0-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", }, product_reference: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", }, product_reference: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-log-collector-0:4.4.5-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", }, product_reference: "ovirt-log-collector-0:4.4.5-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-log-collector-0:4.4.5-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", }, product_reference: "ovirt-log-collector-0:4.4.5-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-web-ui-0:1.8.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", }, product_reference: "ovirt-web-ui-0:1.8.1-2.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-web-ui-0:1.8.1-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", }, product_reference: "ovirt-web-ui-0:1.8.1-2.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python38-ansible-runner-0:2.1.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", }, product_reference: "python38-ansible-runner-0:2.1.3-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python38-docutils-0:0.14-12.4.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", }, product_reference: "python38-docutils-0:0.14-12.4.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", }, product_reference: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", }, product_reference: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhvm-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "rhvm-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", }, product_reference: "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", }, product_reference: "rhvm-branding-rhv-0:4.4.11-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", }, product_reference: "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", }, product_reference: "rhvm-setup-plugins-0:4.5.0-2.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", }, product_reference: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", }, product_reference: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", }, product_reference: "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, ], }, vulnerabilities: [ { cve: "CVE-2021-3807", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-09-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2007557", }, ], notes: [ { category: "description", text: "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes", title: "Vulnerability summary", }, { category: "other", text: "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as 'will not fix'.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-3807", }, { category: "external", summary: "RHBZ#2007557", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2007557", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-3807", url: "https://www.cve.org/CVERecord?id=CVE-2021-3807", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-3807", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-3807", }, { category: "external", summary: "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994", url: "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994", }, ], release_date: "2021-09-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes", }, { cve: "CVE-2021-23425", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-08-18T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1995793", }, ], notes: [ { category: "description", text: "A flaw was found in nodejs-trim-off-newlines. All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-trim-off-newlines: ReDoS via string processing", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat Directory Server 11 Web UI requires trim-off-newlines as a dependency, but it is not used in the 389-ds cockpit plugin, and not shipped as part of the RPM binary. Thus Red Hat Directory Server 11 is not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-23425", }, { category: "external", summary: "RHBZ#1995793", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1995793", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-23425", url: "https://www.cve.org/CVERecord?id=CVE-2021-23425", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-23425", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-23425", }, { category: "external", summary: "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", url: "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", }, ], release_date: "2021-05-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-trim-off-newlines: ReDoS via string processing", }, { cve: "CVE-2021-33502", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-05-24T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1964461", }, ], notes: [ { category: "description", text: "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-normalize-url: ReDoS for data URLs", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-33502", }, { category: "external", summary: "RHBZ#1964461", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1964461", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-33502", url: "https://www.cve.org/CVERecord?id=CVE-2021-33502", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-33502", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-33502", }, { category: "external", summary: "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539", url: "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539", }, ], release_date: "2021-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-normalize-url: ReDoS for data URLs", }, { cve: "CVE-2021-41182", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2021-10-26T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2019144", }, ], notes: [ { category: "description", text: "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.", title: "Vulnerability description", }, { category: "summary", text: "jquery-ui: XSS in the altField option of the datepicker widget", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-41182", }, { category: "external", summary: "RHBZ#2019144", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019144", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-41182", url: "https://www.cve.org/CVERecord?id=CVE-2021-41182", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-41182", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-41182", }, ], release_date: "2021-10-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery-ui: XSS in the altField option of the datepicker widget", }, { cve: "CVE-2021-41183", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2021-10-26T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2019148", }, ], notes: [ { category: "description", text: "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.", title: "Vulnerability description", }, { category: "summary", text: "jquery-ui: XSS in *Text options of the datepicker widget", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-41183", }, { category: "external", summary: "RHBZ#2019148", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019148", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-41183", url: "https://www.cve.org/CVERecord?id=CVE-2021-41183", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-41183", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-41183", }, ], release_date: "2021-10-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery-ui: XSS in *Text options of the datepicker widget", }, { cve: "CVE-2021-41184", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2021-10-26T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2019153", }, ], notes: [ { category: "description", text: "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.", title: "Vulnerability description", }, { category: "summary", text: "jquery-ui: XSS in the 'of' option of the .position() util", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-41184", }, { category: "external", summary: "RHBZ#2019153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-41184", url: "https://www.cve.org/CVERecord?id=CVE-2021-41184", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-41184", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-41184", }, ], release_date: "2021-10-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery-ui: XSS in the 'of' option of the .position() util", }, ], }
rhsa-2022_4711
Vulnerability from csaf_redhat
Published
2022-05-26 16:25
Modified
2024-11-22 21:43
Summary
Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update
Notes
Topic
Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.
Security Fix(es):
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* nodejs-trim-off-newlines: ReDoS via string processing (CVE-2021-23425)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* jquery-ui: XSS in the altField option of the datepicker widget (CVE-2021-41182)
* jquery-ui: XSS in *Text options of the datepicker widget (CVE-2021-41183)
* jquery-ui: XSS in the 'of' option of the .position() util (CVE-2021-41184)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
A list of bugs fixed in this update is available in the Technical Notes book:
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.\n\nSecurity Fix(es):\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* nodejs-trim-off-newlines: ReDoS via string processing (CVE-2021-23425)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* jquery-ui: XSS in the altField option of the datepicker widget (CVE-2021-41182)\n\n* jquery-ui: XSS in *Text options of the datepicker widget (CVE-2021-41183)\n\n* jquery-ui: XSS in the 'of' option of the .position() util (CVE-2021-41184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nA list of bugs fixed in this update is available in the Technical Notes book:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2022:4711", url: "https://access.redhat.com/errata/RHSA-2022:4711", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes", url: "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes", }, { category: "external", summary: "655153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=655153", }, { category: "external", summary: "977778", url: "https://bugzilla.redhat.com/show_bug.cgi?id=977778", }, { category: "external", summary: "1624015", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1624015", }, { category: "external", summary: "1648985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1648985", }, { category: "external", summary: "1667517", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667517", }, { category: "external", summary: "1687845", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1687845", }, { category: "external", summary: "1781241", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1781241", }, { category: "external", summary: "1782056", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1782056", }, { category: "external", summary: "1849169", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1849169", }, { category: "external", summary: "1878930", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1878930", }, { category: "external", summary: "1922977", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1922977", }, { category: "external", summary: "1926625", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1926625", }, { category: "external", summary: "1927985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1927985", }, { category: "external", summary: "1944290", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1944290", }, { category: "external", summary: "1944834", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1944834", }, { category: "external", summary: "1956295", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1956295", }, { category: "external", summary: "1959186", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1959186", }, { category: "external", summary: "1964208", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1964208", }, { category: "external", summary: "1964461", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1964461", }, { category: "external", summary: "1971622", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1971622", }, { category: "external", summary: "1974741", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1974741", }, { category: "external", summary: "1979441", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1979441", }, { category: "external", summary: "1979797", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1979797", }, { category: "external", summary: "1980192", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1980192", }, { category: "external", summary: "1986726", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1986726", }, { category: "external", summary: "1986834", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1986834", }, { category: "external", summary: "1987121", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1987121", }, { category: "external", summary: "1988496", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1988496", }, { category: "external", summary: "1990462", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1990462", }, { category: "external", summary: "1991240", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1991240", }, { category: "external", summary: "1995793", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1995793", }, { category: "external", summary: "1996123", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1996123", }, { category: "external", summary: "1998255", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1998255", }, { category: "external", summary: "1999698", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1999698", }, { category: "external", summary: "2000031", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2000031", }, { category: "external", summary: "2002283", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2002283", }, { category: "external", summary: "2003883", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2003883", }, { category: "external", summary: "2003996", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2003996", }, { category: "external", summary: "2006602", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2006602", }, { category: "external", summary: "2006745", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2006745", }, { category: "external", summary: "2007384", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2007384", }, { category: "external", summary: "2007557", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2007557", }, { category: "external", summary: "2008798", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2008798", }, { category: "external", summary: "2010203", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2010203", }, { category: "external", summary: "2010903", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2010903", }, { category: "external", summary: "2013928", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2013928", }, { category: "external", summary: "2014888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2014888", }, { category: "external", summary: "2015796", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2015796", }, { category: "external", summary: "2019144", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019144", }, { category: "external", summary: "2019148", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019148", }, { category: "external", summary: "2019153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019153", }, { category: "external", summary: "2021217", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2021217", }, { category: "external", summary: "2023250", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2023250", }, { category: "external", summary: "2023786", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2023786", }, { category: "external", summary: "2024202", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2024202", }, { category: "external", summary: "2025936", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2025936", }, { category: "external", summary: "2030596", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2030596", }, { category: "external", summary: "2030663", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2030663", }, { category: "external", summary: "2031027", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2031027", }, { category: "external", summary: "2035051", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2035051", }, { category: "external", summary: "2037115", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2037115", }, { category: "external", summary: "2037121", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2037121", }, { category: "external", summary: "2040361", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2040361", }, { category: "external", summary: "2040402", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2040402", }, { category: "external", summary: "2040474", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2040474", }, { category: "external", summary: "2041544", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2041544", }, { category: "external", summary: "2043146", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2043146", }, { category: "external", summary: "2044273", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044273", }, { category: "external", summary: "2048546", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2048546", }, { category: "external", summary: "2050566", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2050566", }, { category: "external", summary: "2050614", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2050614", }, { category: "external", summary: "2051857", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2051857", }, { category: "external", summary: "2052557", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2052557", }, { category: "external", summary: "2052690", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2052690", }, { category: "external", summary: "2054756", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2054756", }, { category: "external", summary: "2055136", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2055136", }, { category: "external", summary: "2056021", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2056021", }, { category: "external", summary: "2056052", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2056052", }, { category: "external", summary: "2056126", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2056126", }, { category: "external", summary: "2058264", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2058264", }, { category: "external", summary: "2059521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2059521", }, { category: "external", summary: "2059877", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2059877", }, { category: "external", summary: "2061904", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2061904", }, { category: "external", summary: "2065052", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2065052", }, { category: "external", summary: "2066084", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2066084", }, { category: "external", summary: "2066283", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2066283", }, { category: "external", summary: "2069972", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2069972", }, { category: "external", summary: "2070156", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2070156", }, { category: "external", summary: "2071468", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2071468", }, { category: "external", summary: "2072637", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072637", }, { category: "external", summary: "2072639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072639", }, { category: "external", summary: "2072641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072641", }, { category: "external", summary: "2072642", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072642", }, { category: "external", summary: "2072645", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072645", }, { category: "external", summary: "2072646", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2072646", }, { category: "external", summary: "2075352", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2075352", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4711.json", }, ], title: "Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update", tracking: { current_release_date: "2024-11-22T21:43:43+00:00", generator: { date: "2024-11-22T21:43:43+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2022:4711", initial_release_date: "2022-05-26T16:25:03+00:00", revision_history: [ { date: "2022-05-26T16:25:03+00:00", number: "1", summary: "Initial version", }, { date: "2022-05-26T16:25:03+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T21:43:43+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product: { name: "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4", product_identification_helper: { cpe: "cpe:/a:redhat:rhev_manager:4.4:el8", }, }, }, ], category: "product_family", name: "Red Hat Virtualization", }, { branches: [ { category: "product_version", name: "ovirt-dependencies-0:4.5.1-1.el8ev.src", product: { name: "ovirt-dependencies-0:4.5.1-1.el8ev.src", product_id: "ovirt-dependencies-0:4.5.1-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-dependencies@4.5.1-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-log-collector-0:4.4.5-1.el8ev.src", product: { name: "ovirt-log-collector-0:4.4.5-1.el8ev.src", product_id: "ovirt-log-collector-0:4.4.5-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-log-collector@4.4.5-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", product: { name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", product_id: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.13-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "engine-db-query-0:1.6.4-1.el8ev.src", product: { name: "engine-db-query-0:1.6.4-1.el8ev.src", product_id: "engine-db-query-0:1.6.4-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/engine-db-query@1.6.4-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", product: { name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", product_id: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-jsonrpc-java@1.7.1-2.el8ev?arch=src", }, }, }, { category: "product_version", name: "apache-sshd-1:2.8.0-0.1.el8ev.src", product: { name: "apache-sshd-1:2.8.0-0.1.el8ev.src", product_id: "apache-sshd-1:2.8.0-0.1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/apache-sshd@2.8.0-0.1.el8ev?arch=src&epoch=1", }, }, }, { category: "product_version", name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.src", product: { name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.src", product_id: "rhvm-setup-plugins-0:4.5.0-2.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/rhvm-setup-plugins@4.5.0-2.el8ev?arch=src", }, }, }, { category: "product_version", name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.src", product: { name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.src", product_id: "rhvm-branding-rhv-0:4.4.11-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/rhvm-branding-rhv@4.4.11-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.src", product: { name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.src", product_id: "ovirt-engine-dwh-0:4.5.2-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-dwh@4.5.2-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-web-ui-0:1.8.1-2.el8ev.src", product: { name: "ovirt-web-ui-0:1.8.1-2.el8ev.src", product_id: "ovirt-web-ui-0:1.8.1-2.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-web-ui@1.8.1-2.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.src", product: { name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.src", product_id: "ovirt-engine-metrics-0:1.6.0-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-metrics@1.6.0-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ansible-runner-0:2.1.3-1.el8ev.src", product: { name: "ansible-runner-0:2.1.3-1.el8ev.src", product_id: "ansible-runner-0:2.1.3-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-runner@2.1.3-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", product: { name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", product_id: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.3-1.el8ev?arch=src", }, }, }, { category: "product_version", name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.src", product: { name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.src", product_id: "ovirt-engine-0:4.5.0.7-0.9.el8ev.src", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine@4.5.0.7-0.9.el8ev?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "ovirt-dependencies-0:4.5.1-1.el8ev.noarch", product: { name: "ovirt-dependencies-0:4.5.1-1.el8ev.noarch", product_id: "ovirt-dependencies-0:4.5.1-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-dependencies@4.5.1-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-log-collector-0:4.4.5-1.el8ev.noarch", product: { name: "ovirt-log-collector-0:4.4.5-1.el8ev.noarch", product_id: "ovirt-log-collector-0:4.4.5-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-log-collector@4.4.5-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", product: { name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", product_id: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.13-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "engine-db-query-0:1.6.4-1.el8ev.noarch", product: { name: "engine-db-query-0:1.6.4-1.el8ev.noarch", product_id: "engine-db-query-0:1.6.4-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/engine-db-query@1.6.4-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", product: { name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", product_id: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-jsonrpc-java@1.7.1-2.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", product: { name: "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", product_id: "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/vdsm-jsonrpc-java-javadoc@1.7.1-2.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "apache-sshd-1:2.8.0-0.1.el8ev.noarch", product: { name: "apache-sshd-1:2.8.0-0.1.el8ev.noarch", product_id: "apache-sshd-1:2.8.0-0.1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/apache-sshd@2.8.0-0.1.el8ev?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", product: { name: "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", product_id: "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/apache-sshd-javadoc@2.8.0-0.1.el8ev?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", product: { name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", product_id: "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rhvm-setup-plugins@4.5.0-2.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", product: { name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", product_id: "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rhvm-branding-rhv@4.4.11-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", product: { name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", product_id: "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-dwh@4.5.2-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", product: { name: "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", product_id: "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-dwh-grafana-integration-setup@4.5.2-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", product: { name: "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", product_id: "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-dwh-setup@4.5.2-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-web-ui-0:1.8.1-2.el8ev.noarch", product: { name: "ovirt-web-ui-0:1.8.1-2.el8ev.noarch", product_id: "ovirt-web-ui-0:1.8.1-2.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-web-ui@1.8.1-2.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", product: { name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", product_id: "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-metrics@1.6.0-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ansible-runner-0:2.1.3-1.el8ev.noarch", product: { name: "ansible-runner-0:2.1.3-1.el8ev.noarch", product_id: "ansible-runner-0:2.1.3-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-runner@2.1.3-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "python38-ansible-runner-0:2.1.3-1.el8ev.noarch", product: { name: "python38-ansible-runner-0:2.1.3-1.el8ev.noarch", product_id: "python38-ansible-runner-0:2.1.3-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python38-ansible-runner@2.1.3-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", product: { name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", product_id: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.3-1.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-backend@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-dbscripts@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-health-check-bundler@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-restapi@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-base@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-imageio@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-tools@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-tools-backup@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-webadmin-portal@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product_id: "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ovirt-engine-websocket-proxy@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", product_id: "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3-ovirt-engine-lib@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "rhvm-0:4.5.0.7-0.9.el8ev.noarch", product: { name: "rhvm-0:4.5.0.7-0.9.el8ev.noarch", product_id: "rhvm-0:4.5.0.7-0.9.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/rhvm@4.5.0.7-0.9.el8ev?arch=noarch", }, }, }, { category: "product_version", name: "python38-docutils-0:0.14-12.4.el8ev.noarch", product: { name: "python38-docutils-0:0.14-12.4.el8ev.noarch", product_id: "python38-docutils-0:0.14-12.4.el8ev.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python38-docutils@0.14-12.4.el8ev?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-runner-0:2.1.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", }, product_reference: "ansible-runner-0:2.1.3-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ansible-runner-0:2.1.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", }, product_reference: "ansible-runner-0:2.1.3-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "apache-sshd-1:2.8.0-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", }, product_reference: "apache-sshd-1:2.8.0-0.1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "apache-sshd-1:2.8.0-0.1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", }, product_reference: "apache-sshd-1:2.8.0-0.1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", }, product_reference: "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "engine-db-query-0:1.6.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", }, product_reference: "engine-db-query-0:1.6.4-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "engine-db-query-0:1.6.4-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", }, product_reference: "engine-db-query-0:1.6.4-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-dependencies-0:4.5.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", }, product_reference: "ovirt-dependencies-0:4.5.1-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-dependencies-0:4.5.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", }, product_reference: "ovirt-dependencies-0:4.5.1-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-0:4.5.0.7-0.9.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", }, product_reference: "ovirt-engine-0:4.5.0.7-0.9.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", }, product_reference: "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-dwh-0:4.5.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", }, product_reference: "ovirt-engine-dwh-0:4.5.2-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", }, product_reference: "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", }, product_reference: "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", }, product_reference: "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-metrics-0:1.6.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", }, product_reference: "ovirt-engine-metrics-0:1.6.0-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", }, product_reference: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", }, product_reference: "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-log-collector-0:4.4.5-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", }, product_reference: "ovirt-log-collector-0:4.4.5-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-log-collector-0:4.4.5-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", }, product_reference: "ovirt-log-collector-0:4.4.5-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-web-ui-0:1.8.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", }, product_reference: "ovirt-web-ui-0:1.8.1-2.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "ovirt-web-ui-0:1.8.1-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", }, product_reference: "ovirt-web-ui-0:1.8.1-2.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python38-ansible-runner-0:2.1.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", }, product_reference: "python38-ansible-runner-0:2.1.3-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "python38-docutils-0:0.14-12.4.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", }, product_reference: "python38-docutils-0:0.14-12.4.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", }, product_reference: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", }, product_reference: "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhvm-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", }, product_reference: "rhvm-0:4.5.0.7-0.9.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", }, product_reference: "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhvm-branding-rhv-0:4.4.11-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", }, product_reference: "rhvm-branding-rhv-0:4.4.11-1.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", }, product_reference: "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "rhvm-setup-plugins-0:4.5.0-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", }, product_reference: "rhvm-setup-plugins-0:4.5.0-2.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", }, product_reference: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", }, product_reference: "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", relates_to_product_reference: "8Base-RHV-S-4.4", }, { category: "default_component_of", full_product_name: { name: "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", product_id: "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", }, product_reference: "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", relates_to_product_reference: "8Base-RHV-S-4.4", }, ], }, vulnerabilities: [ { cve: "CVE-2021-3807", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-09-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2007557", }, ], notes: [ { category: "description", text: "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes", title: "Vulnerability summary", }, { category: "other", text: "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as 'will not fix'.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-3807", }, { category: "external", summary: "RHBZ#2007557", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2007557", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-3807", url: "https://www.cve.org/CVERecord?id=CVE-2021-3807", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-3807", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-3807", }, { category: "external", summary: "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994", url: "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994", }, ], release_date: "2021-09-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes", }, { cve: "CVE-2021-23425", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-08-18T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1995793", }, ], notes: [ { category: "description", text: "A flaw was found in nodejs-trim-off-newlines. All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing. The highest threat from this vulnerability is to system availability.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-trim-off-newlines: ReDoS via string processing", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat Directory Server 11 Web UI requires trim-off-newlines as a dependency, but it is not used in the 389-ds cockpit plugin, and not shipped as part of the RPM binary. Thus Red Hat Directory Server 11 is not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-23425", }, { category: "external", summary: "RHBZ#1995793", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1995793", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-23425", url: "https://www.cve.org/CVERecord?id=CVE-2021-23425", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-23425", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-23425", }, { category: "external", summary: "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", url: "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", }, ], release_date: "2021-05-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-trim-off-newlines: ReDoS via string processing", }, { cve: "CVE-2021-33502", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2021-05-24T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1964461", }, ], notes: [ { category: "description", text: "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-normalize-url: ReDoS for data URLs", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-33502", }, { category: "external", summary: "RHBZ#1964461", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1964461", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-33502", url: "https://www.cve.org/CVERecord?id=CVE-2021-33502", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-33502", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-33502", }, { category: "external", summary: "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539", url: "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539", }, ], release_date: "2021-05-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-normalize-url: ReDoS for data URLs", }, { cve: "CVE-2021-41182", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2021-10-26T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2019144", }, ], notes: [ { category: "description", text: "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.", title: "Vulnerability description", }, { category: "summary", text: "jquery-ui: XSS in the altField option of the datepicker widget", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-41182", }, { category: "external", summary: "RHBZ#2019144", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019144", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-41182", url: "https://www.cve.org/CVERecord?id=CVE-2021-41182", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-41182", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-41182", }, ], release_date: "2021-10-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery-ui: XSS in the altField option of the datepicker widget", }, { cve: "CVE-2021-41183", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2021-10-26T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2019148", }, ], notes: [ { category: "description", text: "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.", title: "Vulnerability description", }, { category: "summary", text: "jquery-ui: XSS in *Text options of the datepicker widget", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-41183", }, { category: "external", summary: "RHBZ#2019148", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019148", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-41183", url: "https://www.cve.org/CVERecord?id=CVE-2021-41183", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-41183", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-41183", }, ], release_date: "2021-10-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery-ui: XSS in *Text options of the datepicker widget", }, { cve: "CVE-2021-41184", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2021-10-26T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2019153", }, ], notes: [ { category: "description", text: "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.", title: "Vulnerability description", }, { category: "summary", text: "jquery-ui: XSS in the 'of' option of the .position() util", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], known_not_affected: [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-41184", }, { category: "external", summary: "RHBZ#2019153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2019153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-41184", url: "https://www.cve.org/CVERecord?id=CVE-2021-41184", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-41184", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-41184", }, ], release_date: "2021-10-25T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2022-05-26T16:25:03+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", product_ids: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2022:4711", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery-ui: XSS in the 'of' option of the .position() util", }, ], }
ghsa-38fc-wpqx-33j7
Vulnerability from github
Published
2021-09-02 17:15
Modified
2021-08-26 14:52
Severity ?
Summary
Uncontrolled Resource Consumption in trim-off-newlines
Details
All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.
{ affected: [ { package: { ecosystem: "npm", name: "trim-off-newlines", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "1.0.3", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2021-23425", ], database_specific: { cwe_ids: [ "CWE-400", ], github_reviewed: true, github_reviewed_at: "2021-08-26T14:52:19Z", nvd_published_at: "2021-08-18T17:15:00Z", severity: "MODERATE", }, details: "All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.", id: "GHSA-38fc-wpqx-33j7", modified: "2021-08-26T14:52:19Z", published: "2021-09-02T17:15:42Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-23425", }, { type: "WEB", url: "https://github.com/stevemao/trim-off-newlines/pull/3", }, { type: "PACKAGE", url: "https://github.com/stevemao/trim-off-newlines", }, { type: "WEB", url: "https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6", }, { type: "WEB", url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197", }, { type: "WEB", url: "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", type: "CVSS_V3", }, ], summary: "Uncontrolled Resource Consumption in trim-off-newlines", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.