Action not permitted
Modal body text goes here.
cve-2021-29923
Vulnerability from cvelistv5
Published
2021-08-07 16:38
Modified
2024-08-03 22:18
Severity
Summary
Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.
References
| Source | URL | Tags |
|---|---|---|
| cve@mitre.org | https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis | Third Party Advisory |
| cve@mitre.org | https://github.com/golang/go/issues/30999 | Exploit, Issue Tracking, Third Party Advisory |
| cve@mitre.org | https://github.com/golang/go/issues/43389 | Issue Tracking, Third Party Advisory |
| cve@mitre.org | https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md | Exploit, Third Party Advisory |
| cve@mitre.org | https://go-review.googlesource.com/c/go/+/325829/ | Patch, Third Party Advisory |
| cve@mitre.org | https://golang.org/pkg/net/#ParseCIDR | Vendor Advisory |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/ | |
| cve@mitre.org | https://security.gentoo.org/glsa/202208-02 | Third Party Advisory |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpujan2022.html | Patch, Third Party Advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:18:03.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://golang.org/pkg/net/#ParseCIDR"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/golang/go/issues/43389"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/golang/go/issues/30999"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://go-review.googlesource.com/c/go/+/325829/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md"
},
{
"name": "FEDORA-2022-17d004ed71",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-04T15:09:33",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://golang.org/pkg/net/#ParseCIDR"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/golang/go/issues/43389"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/golang/go/issues/30999"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://go-review.googlesource.com/c/go/+/325829/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md"
},
{
"name": "FEDORA-2022-17d004ed71",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202208-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-29923",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://golang.org/pkg/net/#ParseCIDR",
"refsource": "MISC",
"url": "https://golang.org/pkg/net/#ParseCIDR"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis",
"refsource": "MISC",
"url": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis"
},
{
"name": "https://github.com/golang/go/issues/43389",
"refsource": "MISC",
"url": "https://github.com/golang/go/issues/43389"
},
{
"name": "https://github.com/golang/go/issues/30999",
"refsource": "MISC",
"url": "https://github.com/golang/go/issues/30999"
},
{
"name": "https://go-review.googlesource.com/c/go/+/325829/",
"refsource": "MISC",
"url": "https://go-review.googlesource.com/c/go/+/325829/"
},
{
"name": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md",
"refsource": "MISC",
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md"
},
{
"name": "FEDORA-2022-17d004ed71",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/"
},
{
"name": "GLSA-202208-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-29923",
"datePublished": "2021-08-07T16:38:59",
"dateReserved": "2021-04-01T00:00:00",
"dateUpdated": "2024-08-03T22:18:03.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2021-29923\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-08-07T17:15:07.067\",\"lastModified\":\"2023-11-07T03:32:45.383\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.\"},{\"lang\":\"es\",\"value\":\"Go versiones anteriores a 1.17, no considera apropiadamente los caracteres cero extra\u00f1os al principio de un octeto de direcci\u00f3n IP, lo que (en algunas situaciones) permite a atacantes omitir el control de acceso que es basado en las direcciones IP, debido a una interpretaci\u00f3n octal inesperada. Esto afecta a net.ParseIP y net.ParseCIDR\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.17\",\"matchCriteriaId\":\"D39D5C21-8281-429F-AC33-CE39821CA3EC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:timesten_in-memory_database:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.1.1.1.0\",\"matchCriteriaId\":\"20290BBC-E3C9-4B96-94FE-2DFADD4BF1F1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]}],\"references\":[{\"url\":\"https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/golang/go/issues/30999\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/golang/go/issues/43389\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://go-review.googlesource.com/c/go/+/325829/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://golang.org/pkg/net/#ParseCIDR\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.gentoo.org/glsa/202208-02\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
gsd-2021-29923
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-29923",
"description": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.",
"id": "GSD-2021-29923",
"references": [
"https://www.suse.com/security/cve/CVE-2021-29923.html",
"https://access.redhat.com/errata/RHSA-2022:0561",
"https://access.redhat.com/errata/RHSA-2022:0557",
"https://access.redhat.com/errata/RHSA-2022:0434",
"https://access.redhat.com/errata/RHSA-2022:0432",
"https://access.redhat.com/errata/RHSA-2022:0431",
"https://access.redhat.com/errata/RHSA-2022:0318",
"https://access.redhat.com/errata/RHSA-2022:0260",
"https://access.redhat.com/errata/RHSA-2022:0237",
"https://access.redhat.com/errata/RHSA-2021:4914",
"https://access.redhat.com/errata/RHSA-2021:4910",
"https://access.redhat.com/errata/RHSA-2021:4902",
"https://access.redhat.com/errata/RHSA-2021:4725",
"https://access.redhat.com/errata/RHSA-2021:4722",
"https://access.redhat.com/errata/RHSA-2021:3585",
"https://access.redhat.com/errata/RHSA-2021:3431",
"https://security.archlinux.org/CVE-2021-29923",
"https://access.redhat.com/errata/RHSA-2022:0577",
"https://access.redhat.com/errata/RHSA-2022:0947",
"https://access.redhat.com/errata/RHSA-2022:0988",
"https://access.redhat.com/errata/RHSA-2022:0989",
"https://access.redhat.com/errata/RHSA-2022:0997",
"https://access.redhat.com/errata/RHSA-2022:0998",
"https://access.redhat.com/errata/RHSA-2022:1276",
"https://access.redhat.com/errata/RHSA-2022:1372",
"https://linux.oracle.com/cve/CVE-2021-29923.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-29923"
],
"details": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.",
"id": "GSD-2021-29923",
"modified": "2023-12-13T01:23:36.622313Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-29923",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://golang.org/pkg/net/#ParseCIDR",
"refsource": "MISC",
"url": "https://golang.org/pkg/net/#ParseCIDR"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis",
"refsource": "MISC",
"url": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis"
},
{
"name": "https://github.com/golang/go/issues/43389",
"refsource": "MISC",
"url": "https://github.com/golang/go/issues/43389"
},
{
"name": "https://github.com/golang/go/issues/30999",
"refsource": "MISC",
"url": "https://github.com/golang/go/issues/30999"
},
{
"name": "https://go-review.googlesource.com/c/go/+/325829/",
"refsource": "MISC",
"url": "https://go-review.googlesource.com/c/go/+/325829/"
},
{
"name": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md",
"refsource": "MISC",
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md"
},
{
"name": "FEDORA-2022-17d004ed71",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/"
},
{
"name": "GLSA-202208-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-02"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.17",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:timesten_in-memory_database:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.1.1.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-29923"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/golang/go/issues/43389",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/golang/go/issues/43389"
},
{
"name": "https://github.com/golang/go/issues/30999",
"refsource": "MISC",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/golang/go/issues/30999"
},
{
"name": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis"
},
{
"name": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md"
},
{
"name": "https://golang.org/pkg/net/#ParseCIDR",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://golang.org/pkg/net/#ParseCIDR"
},
{
"name": "https://go-review.googlesource.com/c/go/+/325829/",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://go-review.googlesource.com/c/go/+/325829/"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "FEDORA-2022-17d004ed71",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/"
},
{
"name": "GLSA-202208-02",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-02"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-09-14T21:11Z",
"publishedDate": "2021-08-07T17:15Z"
}
}
}
rhsa-2022_0318
Vulnerability from csaf_redhat
Published
2022-01-27 16:52
Modified
2024-09-18 14:40
Summary
Red Hat Security Advisory: Red Hat OpenShift distributed tracing 2.1.0 security update
Notes
Topic
An update is now available for Red Hat Openshift distributed tracing 2.1.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Release of Red Hat OpenShift distributed Tracing provides these changes:
Security Fix(es):
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
The Red Hat OpenShift distributed tracing release notes provide information on
the features and known issues:
https://docs.openshift.com/container-platform/latest/distr_tracing/distributed-tracing-release-notes.html
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Openshift distributed tracing 2.1.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of Red Hat OpenShift distributed Tracing provides these changes:\n\nSecurity Fix(es):\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nThe Red Hat OpenShift distributed tracing release notes provide information on\nthe features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/distr_tracing/distributed-tracing-release-notes.html",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0318",
"url": "https://access.redhat.com/errata/RHSA-2022:0318"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "1995656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
},
{
"category": "external",
"summary": "TRACING-2235",
"url": "https://issues.redhat.com/browse/TRACING-2235"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0318.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift distributed tracing 2.1.0 security update",
"tracking": {
"current_release_date": "2024-09-18T14:40:41+00:00",
"generator": {
"date": "2024-09-18T14:40:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0318",
"initial_release_date": "2022-01-27T16:52:20+00:00",
"revision_history": [
{
"date": "2022-01-27T16:52:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-28T15:04:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:40:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift distributed tracing 2.1",
"product": {
"name": "Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_distributed_tracing:2.1::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift distributed tracing"
},
{
"branches": [
{
"category": "product_version",
"name": "rhosdt/jaeger-agent-rhel8@sha256:421222e82c3b137992ee05f0cb3564c8ce04bbe9582a26c62df6793d7248bb42_amd64",
"product": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:421222e82c3b137992ee05f0cb3564c8ce04bbe9582a26c62df6793d7248bb42_amd64",
"product_id": "rhosdt/jaeger-agent-rhel8@sha256:421222e82c3b137992ee05f0cb3564c8ce04bbe9582a26c62df6793d7248bb42_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-agent-rhel8@sha256:421222e82c3b137992ee05f0cb3564c8ce04bbe9582a26c62df6793d7248bb42?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:006a540ef57adcd939a85a4915fa3dbc63fd2b105c2f43c2b46d8de5108f6925_amd64",
"product": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:006a540ef57adcd939a85a4915fa3dbc63fd2b105c2f43c2b46d8de5108f6925_amd64",
"product_id": "rhosdt/jaeger-all-in-one-rhel8@sha256:006a540ef57adcd939a85a4915fa3dbc63fd2b105c2f43c2b46d8de5108f6925_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-all-in-one-rhel8@sha256:006a540ef57adcd939a85a4915fa3dbc63fd2b105c2f43c2b46d8de5108f6925?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-collector-rhel8@sha256:e747c1f5f990563ee1df544037dfc4c2f7cd647c09441acb29331635feefa439_amd64",
"product": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:e747c1f5f990563ee1df544037dfc4c2f7cd647c09441acb29331635feefa439_amd64",
"product_id": "rhosdt/jaeger-collector-rhel8@sha256:e747c1f5f990563ee1df544037dfc4c2f7cd647c09441acb29331635feefa439_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-collector-rhel8@sha256:e747c1f5f990563ee1df544037dfc4c2f7cd647c09441acb29331635feefa439?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:ae35e80aa25c5b3a26145805053e10688b1b51929b9b7001063a126568744225_amd64",
"product": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:ae35e80aa25c5b3a26145805053e10688b1b51929b9b7001063a126568744225_amd64",
"product_id": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:ae35e80aa25c5b3a26145805053e10688b1b51929b9b7001063a126568744225_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:ae35e80aa25c5b3a26145805053e10688b1b51929b9b7001063a126568744225?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64",
"product": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64",
"product_id": "rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64",
"product": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64",
"product_id": "rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-operator-bundle@sha256:81fdd996a36fa37bf3f4c101bb25414b43c72538766a51ec4a346293eb37a63e_amd64",
"product": {
"name": "rhosdt/jaeger-operator-bundle@sha256:81fdd996a36fa37bf3f4c101bb25414b43c72538766a51ec4a346293eb37a63e_amd64",
"product_id": "rhosdt/jaeger-operator-bundle@sha256:81fdd996a36fa37bf3f4c101bb25414b43c72538766a51ec4a346293eb37a63e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-operator-bundle@sha256:81fdd996a36fa37bf3f4c101bb25414b43c72538766a51ec4a346293eb37a63e?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle\u0026tag=1.29.1-8"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce_amd64",
"product": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce_amd64",
"product_id": "rhosdt/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator\u0026tag=1.29.1-2"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-query-rhel8@sha256:cb011bd1409ff54a7fcfdb892ead7907c86e46f8733af91a2eb3089ccbd54ee5_amd64",
"product": {
"name": "rhosdt/jaeger-query-rhel8@sha256:cb011bd1409ff54a7fcfdb892ead7907c86e46f8733af91a2eb3089ccbd54ee5_amd64",
"product_id": "rhosdt/jaeger-query-rhel8@sha256:cb011bd1409ff54a7fcfdb892ead7907c86e46f8733af91a2eb3089ccbd54ee5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-query-rhel8@sha256:cb011bd1409ff54a7fcfdb892ead7907c86e46f8733af91a2eb3089ccbd54ee5?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:17bc11d364fae94c2392147297b75c3bcdc80eec7c73016eb2cd225851f96a9f_amd64",
"product": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:17bc11d364fae94c2392147297b75c3bcdc80eec7c73016eb2cd225851f96a9f_amd64",
"product_id": "rhosdt/opentelemetry-collector-rhel8@sha256:17bc11d364fae94c2392147297b75c3bcdc80eec7c73016eb2cd225851f96a9f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel8@sha256:17bc11d364fae94c2392147297b75c3bcdc80eec7c73016eb2cd225851f96a9f?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8\u0026tag=0.41.1-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a_amd64",
"product": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a_amd64",
"product_id": "rhosdt/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle\u0026tag=0.41.1-7"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:32b6d98c6fc14499531535c301bc0f34976cf8c172898e728808bd1a31987557_amd64",
"product": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:32b6d98c6fc14499531535c301bc0f34976cf8c172898e728808bd1a31987557_amd64",
"product_id": "rhosdt/opentelemetry-rhel8-operator@sha256:32b6d98c6fc14499531535c301bc0f34976cf8c172898e728808bd1a31987557_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel8-operator@sha256:32b6d98c6fc14499531535c301bc0f34976cf8c172898e728808bd1a31987557?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator\u0026tag=0.41.1-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhosdt/jaeger-agent-rhel8@sha256:addd2534475c44a2bbedc9d1c833255a8070a0bfb9f5a1457cb56693926315be_ppc64le",
"product": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:addd2534475c44a2bbedc9d1c833255a8070a0bfb9f5a1457cb56693926315be_ppc64le",
"product_id": "rhosdt/jaeger-agent-rhel8@sha256:addd2534475c44a2bbedc9d1c833255a8070a0bfb9f5a1457cb56693926315be_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-agent-rhel8@sha256:addd2534475c44a2bbedc9d1c833255a8070a0bfb9f5a1457cb56693926315be?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:054b789cdfc9797aae8dcb9b2787274ea6ee304a753ff2567fc147b8aceff203_ppc64le",
"product": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:054b789cdfc9797aae8dcb9b2787274ea6ee304a753ff2567fc147b8aceff203_ppc64le",
"product_id": "rhosdt/jaeger-all-in-one-rhel8@sha256:054b789cdfc9797aae8dcb9b2787274ea6ee304a753ff2567fc147b8aceff203_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-all-in-one-rhel8@sha256:054b789cdfc9797aae8dcb9b2787274ea6ee304a753ff2567fc147b8aceff203?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-collector-rhel8@sha256:e98bd13e0530f61268dd6486fbccd4a2eda4e11cf9dfcf2997eb309f22cd4f48_ppc64le",
"product": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:e98bd13e0530f61268dd6486fbccd4a2eda4e11cf9dfcf2997eb309f22cd4f48_ppc64le",
"product_id": "rhosdt/jaeger-collector-rhel8@sha256:e98bd13e0530f61268dd6486fbccd4a2eda4e11cf9dfcf2997eb309f22cd4f48_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-collector-rhel8@sha256:e98bd13e0530f61268dd6486fbccd4a2eda4e11cf9dfcf2997eb309f22cd4f48?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:bc01bdbc5ac3d24a4000bcc182662dd3bb3609a6a62339b36baa99a75dee8a81_ppc64le",
"product": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:bc01bdbc5ac3d24a4000bcc182662dd3bb3609a6a62339b36baa99a75dee8a81_ppc64le",
"product_id": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:bc01bdbc5ac3d24a4000bcc182662dd3bb3609a6a62339b36baa99a75dee8a81_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:bc01bdbc5ac3d24a4000bcc182662dd3bb3609a6a62339b36baa99a75dee8a81?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:15be113cd998050b49fb6465b8f14345578d7296327d5951d13d506b63ebfd2f_ppc64le",
"product": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:15be113cd998050b49fb6465b8f14345578d7296327d5951d13d506b63ebfd2f_ppc64le",
"product_id": "rhosdt/jaeger-es-rollover-rhel8@sha256:15be113cd998050b49fb6465b8f14345578d7296327d5951d13d506b63ebfd2f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-rollover-rhel8@sha256:15be113cd998050b49fb6465b8f14345578d7296327d5951d13d506b63ebfd2f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le",
"product": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le",
"product_id": "rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-operator-bundle@sha256:8f73fe01cd4211ed37231f38fd25383cfd9b7f2ca6b9417833d2fea450cd8b7b_ppc64le",
"product": {
"name": "rhosdt/jaeger-operator-bundle@sha256:8f73fe01cd4211ed37231f38fd25383cfd9b7f2ca6b9417833d2fea450cd8b7b_ppc64le",
"product_id": "rhosdt/jaeger-operator-bundle@sha256:8f73fe01cd4211ed37231f38fd25383cfd9b7f2ca6b9417833d2fea450cd8b7b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-operator-bundle@sha256:8f73fe01cd4211ed37231f38fd25383cfd9b7f2ca6b9417833d2fea450cd8b7b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle\u0026tag=1.29.1-8"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-rhel8-operator@sha256:ad3d1087af547c494d7cee9b2dac6e91196ac55cf9e01f761fa3f7b1acf29ccd_ppc64le",
"product": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:ad3d1087af547c494d7cee9b2dac6e91196ac55cf9e01f761fa3f7b1acf29ccd_ppc64le",
"product_id": "rhosdt/jaeger-rhel8-operator@sha256:ad3d1087af547c494d7cee9b2dac6e91196ac55cf9e01f761fa3f7b1acf29ccd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-rhel8-operator@sha256:ad3d1087af547c494d7cee9b2dac6e91196ac55cf9e01f761fa3f7b1acf29ccd?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator\u0026tag=1.29.1-2"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-query-rhel8@sha256:206382a742e2b885efb2b866a358bb1559d0c67dca0801816e12b6a9e6efc81c_ppc64le",
"product": {
"name": "rhosdt/jaeger-query-rhel8@sha256:206382a742e2b885efb2b866a358bb1559d0c67dca0801816e12b6a9e6efc81c_ppc64le",
"product_id": "rhosdt/jaeger-query-rhel8@sha256:206382a742e2b885efb2b866a358bb1559d0c67dca0801816e12b6a9e6efc81c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-query-rhel8@sha256:206382a742e2b885efb2b866a358bb1559d0c67dca0801816e12b6a9e6efc81c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:f11733667d88fe4411fb6d975de3ba68028895f59fe1ae70566dbd2ffbff17f0_ppc64le",
"product": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:f11733667d88fe4411fb6d975de3ba68028895f59fe1ae70566dbd2ffbff17f0_ppc64le",
"product_id": "rhosdt/opentelemetry-collector-rhel8@sha256:f11733667d88fe4411fb6d975de3ba68028895f59fe1ae70566dbd2ffbff17f0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel8@sha256:f11733667d88fe4411fb6d975de3ba68028895f59fe1ae70566dbd2ffbff17f0?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8\u0026tag=0.41.1-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae_ppc64le",
"product": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae_ppc64le",
"product_id": "rhosdt/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle\u0026tag=0.41.1-7"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:d476cd325d60b035e990f241a7d2e888f59a859008b5f4c4829e7ce894951290_ppc64le",
"product": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:d476cd325d60b035e990f241a7d2e888f59a859008b5f4c4829e7ce894951290_ppc64le",
"product_id": "rhosdt/opentelemetry-rhel8-operator@sha256:d476cd325d60b035e990f241a7d2e888f59a859008b5f4c4829e7ce894951290_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel8-operator@sha256:d476cd325d60b035e990f241a7d2e888f59a859008b5f4c4829e7ce894951290?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator\u0026tag=0.41.1-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhosdt/jaeger-agent-rhel8@sha256:98c37aeb7d37c3dbbc51705ef00e6d0bf0fc34f89b6433d1b6c7dbabd8a18b56_s390x",
"product": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:98c37aeb7d37c3dbbc51705ef00e6d0bf0fc34f89b6433d1b6c7dbabd8a18b56_s390x",
"product_id": "rhosdt/jaeger-agent-rhel8@sha256:98c37aeb7d37c3dbbc51705ef00e6d0bf0fc34f89b6433d1b6c7dbabd8a18b56_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-agent-rhel8@sha256:98c37aeb7d37c3dbbc51705ef00e6d0bf0fc34f89b6433d1b6c7dbabd8a18b56?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-agent-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:0559883044ebb6d30405b64851187a09faee0ee142bb9aa1cc8011d5c4a43728_s390x",
"product": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:0559883044ebb6d30405b64851187a09faee0ee142bb9aa1cc8011d5c4a43728_s390x",
"product_id": "rhosdt/jaeger-all-in-one-rhel8@sha256:0559883044ebb6d30405b64851187a09faee0ee142bb9aa1cc8011d5c4a43728_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-all-in-one-rhel8@sha256:0559883044ebb6d30405b64851187a09faee0ee142bb9aa1cc8011d5c4a43728?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7_s390x",
"product": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7_s390x",
"product_id": "rhosdt/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-collector-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x",
"product": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x",
"product_id": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:b19b70fb4aa1dc0665ab05dd4a6223eaf5c7ad3d077048bee9fa6d473a54f5e1_s390x",
"product": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:b19b70fb4aa1dc0665ab05dd4a6223eaf5c7ad3d077048bee9fa6d473a54f5e1_s390x",
"product_id": "rhosdt/jaeger-es-rollover-rhel8@sha256:b19b70fb4aa1dc0665ab05dd4a6223eaf5c7ad3d077048bee9fa6d473a54f5e1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-es-rollover-rhel8@sha256:b19b70fb4aa1dc0665ab05dd4a6223eaf5c7ad3d077048bee9fa6d473a54f5e1?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-ingester-rhel8@sha256:d576a57b826f626f037343f2017f540973575a21a59641e12c365b19d511ffd8_s390x",
"product": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:d576a57b826f626f037343f2017f540973575a21a59641e12c365b19d511ffd8_s390x",
"product_id": "rhosdt/jaeger-ingester-rhel8@sha256:d576a57b826f626f037343f2017f540973575a21a59641e12c365b19d511ffd8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-ingester-rhel8@sha256:d576a57b826f626f037343f2017f540973575a21a59641e12c365b19d511ffd8?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-ingester-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-operator-bundle@sha256:12f867f73893acc7aa4d6bdbb08d1ef14bc56595cce9d1c709065e34a4a81817_s390x",
"product": {
"name": "rhosdt/jaeger-operator-bundle@sha256:12f867f73893acc7aa4d6bdbb08d1ef14bc56595cce9d1c709065e34a4a81817_s390x",
"product_id": "rhosdt/jaeger-operator-bundle@sha256:12f867f73893acc7aa4d6bdbb08d1ef14bc56595cce9d1c709065e34a4a81817_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-operator-bundle@sha256:12f867f73893acc7aa4d6bdbb08d1ef14bc56595cce9d1c709065e34a4a81817?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-operator-bundle\u0026tag=1.29.1-8"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-rhel8-operator@sha256:e54f4a96ccf3006a96a3336af93390741ca18195db31252a6d29b7176464a78a_s390x",
"product": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:e54f4a96ccf3006a96a3336af93390741ca18195db31252a6d29b7176464a78a_s390x",
"product_id": "rhosdt/jaeger-rhel8-operator@sha256:e54f4a96ccf3006a96a3336af93390741ca18195db31252a6d29b7176464a78a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-rhel8-operator@sha256:e54f4a96ccf3006a96a3336af93390741ca18195db31252a6d29b7176464a78a?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-rhel8-operator\u0026tag=1.29.1-2"
}
}
},
{
"category": "product_version",
"name": "rhosdt/jaeger-query-rhel8@sha256:0b8b299869e821e8431e3860d6b47879ade5df19b08610a1f87b0d03a1c0ec7b_s390x",
"product": {
"name": "rhosdt/jaeger-query-rhel8@sha256:0b8b299869e821e8431e3860d6b47879ade5df19b08610a1f87b0d03a1c0ec7b_s390x",
"product_id": "rhosdt/jaeger-query-rhel8@sha256:0b8b299869e821e8431e3860d6b47879ade5df19b08610a1f87b0d03a1c0ec7b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jaeger-query-rhel8@sha256:0b8b299869e821e8431e3860d6b47879ade5df19b08610a1f87b0d03a1c0ec7b?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/jaeger-query-rhel8\u0026tag=1.29.0-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:97584a9024698d85418baaadce793a69914c2ed0ef49398cf6609757bd85ac19_s390x",
"product": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:97584a9024698d85418baaadce793a69914c2ed0ef49398cf6609757bd85ac19_s390x",
"product_id": "rhosdt/opentelemetry-collector-rhel8@sha256:97584a9024698d85418baaadce793a69914c2ed0ef49398cf6609757bd85ac19_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-collector-rhel8@sha256:97584a9024698d85418baaadce793a69914c2ed0ef49398cf6609757bd85ac19?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-collector-rhel8\u0026tag=0.41.1-1"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-operator-bundle@sha256:e5b754780949cf4aaec013385133817be2cae832de4a3dcc53ce2041e2922e46_s390x",
"product": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:e5b754780949cf4aaec013385133817be2cae832de4a3dcc53ce2041e2922e46_s390x",
"product_id": "rhosdt/opentelemetry-operator-bundle@sha256:e5b754780949cf4aaec013385133817be2cae832de4a3dcc53ce2041e2922e46_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-operator-bundle@sha256:e5b754780949cf4aaec013385133817be2cae832de4a3dcc53ce2041e2922e46?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-operator-bundle\u0026tag=0.41.1-7"
}
}
},
{
"category": "product_version",
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:9b890daea8a5b20722e273b7e1e12752cb739181745810ffaae6bdd5d59be84b_s390x",
"product": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:9b890daea8a5b20722e273b7e1e12752cb739181745810ffaae6bdd5d59be84b_s390x",
"product_id": "rhosdt/opentelemetry-rhel8-operator@sha256:9b890daea8a5b20722e273b7e1e12752cb739181745810ffaae6bdd5d59be84b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opentelemetry-rhel8-operator@sha256:9b890daea8a5b20722e273b7e1e12752cb739181745810ffaae6bdd5d59be84b?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt/opentelemetry-rhel8-operator\u0026tag=0.41.1-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:421222e82c3b137992ee05f0cb3564c8ce04bbe9582a26c62df6793d7248bb42_amd64 as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:421222e82c3b137992ee05f0cb3564c8ce04bbe9582a26c62df6793d7248bb42_amd64"
},
"product_reference": "rhosdt/jaeger-agent-rhel8@sha256:421222e82c3b137992ee05f0cb3564c8ce04bbe9582a26c62df6793d7248bb42_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:98c37aeb7d37c3dbbc51705ef00e6d0bf0fc34f89b6433d1b6c7dbabd8a18b56_s390x as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:98c37aeb7d37c3dbbc51705ef00e6d0bf0fc34f89b6433d1b6c7dbabd8a18b56_s390x"
},
"product_reference": "rhosdt/jaeger-agent-rhel8@sha256:98c37aeb7d37c3dbbc51705ef00e6d0bf0fc34f89b6433d1b6c7dbabd8a18b56_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-agent-rhel8@sha256:addd2534475c44a2bbedc9d1c833255a8070a0bfb9f5a1457cb56693926315be_ppc64le as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:addd2534475c44a2bbedc9d1c833255a8070a0bfb9f5a1457cb56693926315be_ppc64le"
},
"product_reference": "rhosdt/jaeger-agent-rhel8@sha256:addd2534475c44a2bbedc9d1c833255a8070a0bfb9f5a1457cb56693926315be_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:006a540ef57adcd939a85a4915fa3dbc63fd2b105c2f43c2b46d8de5108f6925_amd64 as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:006a540ef57adcd939a85a4915fa3dbc63fd2b105c2f43c2b46d8de5108f6925_amd64"
},
"product_reference": "rhosdt/jaeger-all-in-one-rhel8@sha256:006a540ef57adcd939a85a4915fa3dbc63fd2b105c2f43c2b46d8de5108f6925_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:054b789cdfc9797aae8dcb9b2787274ea6ee304a753ff2567fc147b8aceff203_ppc64le as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:054b789cdfc9797aae8dcb9b2787274ea6ee304a753ff2567fc147b8aceff203_ppc64le"
},
"product_reference": "rhosdt/jaeger-all-in-one-rhel8@sha256:054b789cdfc9797aae8dcb9b2787274ea6ee304a753ff2567fc147b8aceff203_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-all-in-one-rhel8@sha256:0559883044ebb6d30405b64851187a09faee0ee142bb9aa1cc8011d5c4a43728_s390x as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:0559883044ebb6d30405b64851187a09faee0ee142bb9aa1cc8011d5c4a43728_s390x"
},
"product_reference": "rhosdt/jaeger-all-in-one-rhel8@sha256:0559883044ebb6d30405b64851187a09faee0ee142bb9aa1cc8011d5c4a43728_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7_s390x as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7_s390x"
},
"product_reference": "rhosdt/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:e747c1f5f990563ee1df544037dfc4c2f7cd647c09441acb29331635feefa439_amd64 as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e747c1f5f990563ee1df544037dfc4c2f7cd647c09441acb29331635feefa439_amd64"
},
"product_reference": "rhosdt/jaeger-collector-rhel8@sha256:e747c1f5f990563ee1df544037dfc4c2f7cd647c09441acb29331635feefa439_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-collector-rhel8@sha256:e98bd13e0530f61268dd6486fbccd4a2eda4e11cf9dfcf2997eb309f22cd4f48_ppc64le as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e98bd13e0530f61268dd6486fbccd4a2eda4e11cf9dfcf2997eb309f22cd4f48_ppc64le"
},
"product_reference": "rhosdt/jaeger-collector-rhel8@sha256:e98bd13e0530f61268dd6486fbccd4a2eda4e11cf9dfcf2997eb309f22cd4f48_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x"
},
"product_reference": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:ae35e80aa25c5b3a26145805053e10688b1b51929b9b7001063a126568744225_amd64 as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:ae35e80aa25c5b3a26145805053e10688b1b51929b9b7001063a126568744225_amd64"
},
"product_reference": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:ae35e80aa25c5b3a26145805053e10688b1b51929b9b7001063a126568744225_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:bc01bdbc5ac3d24a4000bcc182662dd3bb3609a6a62339b36baa99a75dee8a81_ppc64le as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:bc01bdbc5ac3d24a4000bcc182662dd3bb3609a6a62339b36baa99a75dee8a81_ppc64le"
},
"product_reference": "rhosdt/jaeger-es-index-cleaner-rhel8@sha256:bc01bdbc5ac3d24a4000bcc182662dd3bb3609a6a62339b36baa99a75dee8a81_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:15be113cd998050b49fb6465b8f14345578d7296327d5951d13d506b63ebfd2f_ppc64le as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:15be113cd998050b49fb6465b8f14345578d7296327d5951d13d506b63ebfd2f_ppc64le"
},
"product_reference": "rhosdt/jaeger-es-rollover-rhel8@sha256:15be113cd998050b49fb6465b8f14345578d7296327d5951d13d506b63ebfd2f_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:b19b70fb4aa1dc0665ab05dd4a6223eaf5c7ad3d077048bee9fa6d473a54f5e1_s390x as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:b19b70fb4aa1dc0665ab05dd4a6223eaf5c7ad3d077048bee9fa6d473a54f5e1_s390x"
},
"product_reference": "rhosdt/jaeger-es-rollover-rhel8@sha256:b19b70fb4aa1dc0665ab05dd4a6223eaf5c7ad3d077048bee9fa6d473a54f5e1_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64 as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64"
},
"product_reference": "rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64 as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64"
},
"product_reference": "rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le"
},
"product_reference": "rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-ingester-rhel8@sha256:d576a57b826f626f037343f2017f540973575a21a59641e12c365b19d511ffd8_s390x as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:d576a57b826f626f037343f2017f540973575a21a59641e12c365b19d511ffd8_s390x"
},
"product_reference": "rhosdt/jaeger-ingester-rhel8@sha256:d576a57b826f626f037343f2017f540973575a21a59641e12c365b19d511ffd8_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-operator-bundle@sha256:12f867f73893acc7aa4d6bdbb08d1ef14bc56595cce9d1c709065e34a4a81817_s390x as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:12f867f73893acc7aa4d6bdbb08d1ef14bc56595cce9d1c709065e34a4a81817_s390x"
},
"product_reference": "rhosdt/jaeger-operator-bundle@sha256:12f867f73893acc7aa4d6bdbb08d1ef14bc56595cce9d1c709065e34a4a81817_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-operator-bundle@sha256:81fdd996a36fa37bf3f4c101bb25414b43c72538766a51ec4a346293eb37a63e_amd64 as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:81fdd996a36fa37bf3f4c101bb25414b43c72538766a51ec4a346293eb37a63e_amd64"
},
"product_reference": "rhosdt/jaeger-operator-bundle@sha256:81fdd996a36fa37bf3f4c101bb25414b43c72538766a51ec4a346293eb37a63e_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-operator-bundle@sha256:8f73fe01cd4211ed37231f38fd25383cfd9b7f2ca6b9417833d2fea450cd8b7b_ppc64le as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:8f73fe01cd4211ed37231f38fd25383cfd9b7f2ca6b9417833d2fea450cd8b7b_ppc64le"
},
"product_reference": "rhosdt/jaeger-operator-bundle@sha256:8f73fe01cd4211ed37231f38fd25383cfd9b7f2ca6b9417833d2fea450cd8b7b_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-query-rhel8@sha256:0b8b299869e821e8431e3860d6b47879ade5df19b08610a1f87b0d03a1c0ec7b_s390x as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:0b8b299869e821e8431e3860d6b47879ade5df19b08610a1f87b0d03a1c0ec7b_s390x"
},
"product_reference": "rhosdt/jaeger-query-rhel8@sha256:0b8b299869e821e8431e3860d6b47879ade5df19b08610a1f87b0d03a1c0ec7b_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-query-rhel8@sha256:206382a742e2b885efb2b866a358bb1559d0c67dca0801816e12b6a9e6efc81c_ppc64le as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:206382a742e2b885efb2b866a358bb1559d0c67dca0801816e12b6a9e6efc81c_ppc64le"
},
"product_reference": "rhosdt/jaeger-query-rhel8@sha256:206382a742e2b885efb2b866a358bb1559d0c67dca0801816e12b6a9e6efc81c_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-query-rhel8@sha256:cb011bd1409ff54a7fcfdb892ead7907c86e46f8733af91a2eb3089ccbd54ee5_amd64 as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:cb011bd1409ff54a7fcfdb892ead7907c86e46f8733af91a2eb3089ccbd54ee5_amd64"
},
"product_reference": "rhosdt/jaeger-query-rhel8@sha256:cb011bd1409ff54a7fcfdb892ead7907c86e46f8733af91a2eb3089ccbd54ee5_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:ad3d1087af547c494d7cee9b2dac6e91196ac55cf9e01f761fa3f7b1acf29ccd_ppc64le as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:ad3d1087af547c494d7cee9b2dac6e91196ac55cf9e01f761fa3f7b1acf29ccd_ppc64le"
},
"product_reference": "rhosdt/jaeger-rhel8-operator@sha256:ad3d1087af547c494d7cee9b2dac6e91196ac55cf9e01f761fa3f7b1acf29ccd_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce_amd64 as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce_amd64"
},
"product_reference": "rhosdt/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/jaeger-rhel8-operator@sha256:e54f4a96ccf3006a96a3336af93390741ca18195db31252a6d29b7176464a78a_s390x as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:e54f4a96ccf3006a96a3336af93390741ca18195db31252a6d29b7176464a78a_s390x"
},
"product_reference": "rhosdt/jaeger-rhel8-operator@sha256:e54f4a96ccf3006a96a3336af93390741ca18195db31252a6d29b7176464a78a_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:17bc11d364fae94c2392147297b75c3bcdc80eec7c73016eb2cd225851f96a9f_amd64 as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:17bc11d364fae94c2392147297b75c3bcdc80eec7c73016eb2cd225851f96a9f_amd64"
},
"product_reference": "rhosdt/opentelemetry-collector-rhel8@sha256:17bc11d364fae94c2392147297b75c3bcdc80eec7c73016eb2cd225851f96a9f_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:97584a9024698d85418baaadce793a69914c2ed0ef49398cf6609757bd85ac19_s390x as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:97584a9024698d85418baaadce793a69914c2ed0ef49398cf6609757bd85ac19_s390x"
},
"product_reference": "rhosdt/opentelemetry-collector-rhel8@sha256:97584a9024698d85418baaadce793a69914c2ed0ef49398cf6609757bd85ac19_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-collector-rhel8@sha256:f11733667d88fe4411fb6d975de3ba68028895f59fe1ae70566dbd2ffbff17f0_ppc64le as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:f11733667d88fe4411fb6d975de3ba68028895f59fe1ae70566dbd2ffbff17f0_ppc64le"
},
"product_reference": "rhosdt/opentelemetry-collector-rhel8@sha256:f11733667d88fe4411fb6d975de3ba68028895f59fe1ae70566dbd2ffbff17f0_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a_amd64 as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a_amd64"
},
"product_reference": "rhosdt/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae_ppc64le as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae_ppc64le"
},
"product_reference": "rhosdt/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-operator-bundle@sha256:e5b754780949cf4aaec013385133817be2cae832de4a3dcc53ce2041e2922e46_s390x as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:e5b754780949cf4aaec013385133817be2cae832de4a3dcc53ce2041e2922e46_s390x"
},
"product_reference": "rhosdt/opentelemetry-operator-bundle@sha256:e5b754780949cf4aaec013385133817be2cae832de4a3dcc53ce2041e2922e46_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:32b6d98c6fc14499531535c301bc0f34976cf8c172898e728808bd1a31987557_amd64 as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:32b6d98c6fc14499531535c301bc0f34976cf8c172898e728808bd1a31987557_amd64"
},
"product_reference": "rhosdt/opentelemetry-rhel8-operator@sha256:32b6d98c6fc14499531535c301bc0f34976cf8c172898e728808bd1a31987557_amd64",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:9b890daea8a5b20722e273b7e1e12752cb739181745810ffaae6bdd5d59be84b_s390x as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:9b890daea8a5b20722e273b7e1e12752cb739181745810ffaae6bdd5d59be84b_s390x"
},
"product_reference": "rhosdt/opentelemetry-rhel8-operator@sha256:9b890daea8a5b20722e273b7e1e12752cb739181745810ffaae6bdd5d59be84b_s390x",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhosdt/opentelemetry-rhel8-operator@sha256:d476cd325d60b035e990f241a7d2e888f59a859008b5f4c4829e7ce894951290_ppc64le as a component of Red Hat OpenShift distributed tracing 2.1",
"product_id": "8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:d476cd325d60b035e990f241a7d2e888f59a859008b5f4c4829e7ce894951290_ppc64le"
},
"product_reference": "rhosdt/opentelemetry-rhel8-operator@sha256:d476cd325d60b035e990f241a7d2e888f59a859008b5f4c4829e7ce894951290_ppc64le",
"relates_to_product_reference": "8Base-RHOSDT-2.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:421222e82c3b137992ee05f0cb3564c8ce04bbe9582a26c62df6793d7248bb42_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:98c37aeb7d37c3dbbc51705ef00e6d0bf0fc34f89b6433d1b6c7dbabd8a18b56_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:addd2534475c44a2bbedc9d1c833255a8070a0bfb9f5a1457cb56693926315be_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:006a540ef57adcd939a85a4915fa3dbc63fd2b105c2f43c2b46d8de5108f6925_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:054b789cdfc9797aae8dcb9b2787274ea6ee304a753ff2567fc147b8aceff203_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:0559883044ebb6d30405b64851187a09faee0ee142bb9aa1cc8011d5c4a43728_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e747c1f5f990563ee1df544037dfc4c2f7cd647c09441acb29331635feefa439_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e98bd13e0530f61268dd6486fbccd4a2eda4e11cf9dfcf2997eb309f22cd4f48_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:ae35e80aa25c5b3a26145805053e10688b1b51929b9b7001063a126568744225_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:bc01bdbc5ac3d24a4000bcc182662dd3bb3609a6a62339b36baa99a75dee8a81_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:15be113cd998050b49fb6465b8f14345578d7296327d5951d13d506b63ebfd2f_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:b19b70fb4aa1dc0665ab05dd4a6223eaf5c7ad3d077048bee9fa6d473a54f5e1_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:d576a57b826f626f037343f2017f540973575a21a59641e12c365b19d511ffd8_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:12f867f73893acc7aa4d6bdbb08d1ef14bc56595cce9d1c709065e34a4a81817_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:81fdd996a36fa37bf3f4c101bb25414b43c72538766a51ec4a346293eb37a63e_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:8f73fe01cd4211ed37231f38fd25383cfd9b7f2ca6b9417833d2fea450cd8b7b_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:0b8b299869e821e8431e3860d6b47879ade5df19b08610a1f87b0d03a1c0ec7b_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:206382a742e2b885efb2b866a358bb1559d0c67dca0801816e12b6a9e6efc81c_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:cb011bd1409ff54a7fcfdb892ead7907c86e46f8733af91a2eb3089ccbd54ee5_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:ad3d1087af547c494d7cee9b2dac6e91196ac55cf9e01f761fa3f7b1acf29ccd_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:e54f4a96ccf3006a96a3336af93390741ca18195db31252a6d29b7176464a78a_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:17bc11d364fae94c2392147297b75c3bcdc80eec7c73016eb2cd225851f96a9f_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:97584a9024698d85418baaadce793a69914c2ed0ef49398cf6609757bd85ac19_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:f11733667d88fe4411fb6d975de3ba68028895f59fe1ae70566dbd2ffbff17f0_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:e5b754780949cf4aaec013385133817be2cae832de4a3dcc53ce2041e2922e46_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:32b6d98c6fc14499531535c301bc0f34976cf8c172898e728808bd1a31987557_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:9b890daea8a5b20722e273b7e1e12752cb739181745810ffaae6bdd5d59be84b_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:d476cd325d60b035e990f241a7d2e888f59a859008b5f4c4829e7ce894951290_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://docs.openshift.com/container-platform/latest/distr_tracing/distr_tracing_install/distr-tracing-updating.html",
"product_ids": [
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:421222e82c3b137992ee05f0cb3564c8ce04bbe9582a26c62df6793d7248bb42_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:98c37aeb7d37c3dbbc51705ef00e6d0bf0fc34f89b6433d1b6c7dbabd8a18b56_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:addd2534475c44a2bbedc9d1c833255a8070a0bfb9f5a1457cb56693926315be_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:006a540ef57adcd939a85a4915fa3dbc63fd2b105c2f43c2b46d8de5108f6925_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:054b789cdfc9797aae8dcb9b2787274ea6ee304a753ff2567fc147b8aceff203_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:0559883044ebb6d30405b64851187a09faee0ee142bb9aa1cc8011d5c4a43728_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e747c1f5f990563ee1df544037dfc4c2f7cd647c09441acb29331635feefa439_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e98bd13e0530f61268dd6486fbccd4a2eda4e11cf9dfcf2997eb309f22cd4f48_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:ae35e80aa25c5b3a26145805053e10688b1b51929b9b7001063a126568744225_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:bc01bdbc5ac3d24a4000bcc182662dd3bb3609a6a62339b36baa99a75dee8a81_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:15be113cd998050b49fb6465b8f14345578d7296327d5951d13d506b63ebfd2f_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:b19b70fb4aa1dc0665ab05dd4a6223eaf5c7ad3d077048bee9fa6d473a54f5e1_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:d576a57b826f626f037343f2017f540973575a21a59641e12c365b19d511ffd8_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:12f867f73893acc7aa4d6bdbb08d1ef14bc56595cce9d1c709065e34a4a81817_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:81fdd996a36fa37bf3f4c101bb25414b43c72538766a51ec4a346293eb37a63e_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:8f73fe01cd4211ed37231f38fd25383cfd9b7f2ca6b9417833d2fea450cd8b7b_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:0b8b299869e821e8431e3860d6b47879ade5df19b08610a1f87b0d03a1c0ec7b_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:206382a742e2b885efb2b866a358bb1559d0c67dca0801816e12b6a9e6efc81c_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:cb011bd1409ff54a7fcfdb892ead7907c86e46f8733af91a2eb3089ccbd54ee5_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:ad3d1087af547c494d7cee9b2dac6e91196ac55cf9e01f761fa3f7b1acf29ccd_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:e54f4a96ccf3006a96a3336af93390741ca18195db31252a6d29b7176464a78a_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:17bc11d364fae94c2392147297b75c3bcdc80eec7c73016eb2cd225851f96a9f_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:97584a9024698d85418baaadce793a69914c2ed0ef49398cf6609757bd85ac19_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:f11733667d88fe4411fb6d975de3ba68028895f59fe1ae70566dbd2ffbff17f0_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:e5b754780949cf4aaec013385133817be2cae832de4a3dcc53ce2041e2922e46_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:32b6d98c6fc14499531535c301bc0f34976cf8c172898e728808bd1a31987557_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:9b890daea8a5b20722e273b7e1e12752cb739181745810ffaae6bdd5d59be84b_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:d476cd325d60b035e990f241a7d2e888f59a859008b5f4c4829e7ce894951290_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0318"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:421222e82c3b137992ee05f0cb3564c8ce04bbe9582a26c62df6793d7248bb42_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:98c37aeb7d37c3dbbc51705ef00e6d0bf0fc34f89b6433d1b6c7dbabd8a18b56_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:addd2534475c44a2bbedc9d1c833255a8070a0bfb9f5a1457cb56693926315be_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:006a540ef57adcd939a85a4915fa3dbc63fd2b105c2f43c2b46d8de5108f6925_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:054b789cdfc9797aae8dcb9b2787274ea6ee304a753ff2567fc147b8aceff203_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:0559883044ebb6d30405b64851187a09faee0ee142bb9aa1cc8011d5c4a43728_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e747c1f5f990563ee1df544037dfc4c2f7cd647c09441acb29331635feefa439_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e98bd13e0530f61268dd6486fbccd4a2eda4e11cf9dfcf2997eb309f22cd4f48_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:ae35e80aa25c5b3a26145805053e10688b1b51929b9b7001063a126568744225_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:bc01bdbc5ac3d24a4000bcc182662dd3bb3609a6a62339b36baa99a75dee8a81_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:15be113cd998050b49fb6465b8f14345578d7296327d5951d13d506b63ebfd2f_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:b19b70fb4aa1dc0665ab05dd4a6223eaf5c7ad3d077048bee9fa6d473a54f5e1_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:d576a57b826f626f037343f2017f540973575a21a59641e12c365b19d511ffd8_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:12f867f73893acc7aa4d6bdbb08d1ef14bc56595cce9d1c709065e34a4a81817_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:81fdd996a36fa37bf3f4c101bb25414b43c72538766a51ec4a346293eb37a63e_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:8f73fe01cd4211ed37231f38fd25383cfd9b7f2ca6b9417833d2fea450cd8b7b_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:0b8b299869e821e8431e3860d6b47879ade5df19b08610a1f87b0d03a1c0ec7b_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:206382a742e2b885efb2b866a358bb1559d0c67dca0801816e12b6a9e6efc81c_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:cb011bd1409ff54a7fcfdb892ead7907c86e46f8733af91a2eb3089ccbd54ee5_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:ad3d1087af547c494d7cee9b2dac6e91196ac55cf9e01f761fa3f7b1acf29ccd_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:e54f4a96ccf3006a96a3336af93390741ca18195db31252a6d29b7176464a78a_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:17bc11d364fae94c2392147297b75c3bcdc80eec7c73016eb2cd225851f96a9f_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:97584a9024698d85418baaadce793a69914c2ed0ef49398cf6609757bd85ac19_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:f11733667d88fe4411fb6d975de3ba68028895f59fe1ae70566dbd2ffbff17f0_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:e5b754780949cf4aaec013385133817be2cae832de4a3dcc53ce2041e2922e46_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:32b6d98c6fc14499531535c301bc0f34976cf8c172898e728808bd1a31987557_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:9b890daea8a5b20722e273b7e1e12752cb739181745810ffaae6bdd5d59be84b_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:d476cd325d60b035e990f241a7d2e888f59a859008b5f4c4829e7ce894951290_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:421222e82c3b137992ee05f0cb3564c8ce04bbe9582a26c62df6793d7248bb42_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:98c37aeb7d37c3dbbc51705ef00e6d0bf0fc34f89b6433d1b6c7dbabd8a18b56_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:addd2534475c44a2bbedc9d1c833255a8070a0bfb9f5a1457cb56693926315be_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:006a540ef57adcd939a85a4915fa3dbc63fd2b105c2f43c2b46d8de5108f6925_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:054b789cdfc9797aae8dcb9b2787274ea6ee304a753ff2567fc147b8aceff203_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:0559883044ebb6d30405b64851187a09faee0ee142bb9aa1cc8011d5c4a43728_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e747c1f5f990563ee1df544037dfc4c2f7cd647c09441acb29331635feefa439_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e98bd13e0530f61268dd6486fbccd4a2eda4e11cf9dfcf2997eb309f22cd4f48_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:ae35e80aa25c5b3a26145805053e10688b1b51929b9b7001063a126568744225_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:bc01bdbc5ac3d24a4000bcc182662dd3bb3609a6a62339b36baa99a75dee8a81_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:15be113cd998050b49fb6465b8f14345578d7296327d5951d13d506b63ebfd2f_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:b19b70fb4aa1dc0665ab05dd4a6223eaf5c7ad3d077048bee9fa6d473a54f5e1_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:d576a57b826f626f037343f2017f540973575a21a59641e12c365b19d511ffd8_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:12f867f73893acc7aa4d6bdbb08d1ef14bc56595cce9d1c709065e34a4a81817_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:81fdd996a36fa37bf3f4c101bb25414b43c72538766a51ec4a346293eb37a63e_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:8f73fe01cd4211ed37231f38fd25383cfd9b7f2ca6b9417833d2fea450cd8b7b_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:0b8b299869e821e8431e3860d6b47879ade5df19b08610a1f87b0d03a1c0ec7b_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:206382a742e2b885efb2b866a358bb1559d0c67dca0801816e12b6a9e6efc81c_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:cb011bd1409ff54a7fcfdb892ead7907c86e46f8733af91a2eb3089ccbd54ee5_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:ad3d1087af547c494d7cee9b2dac6e91196ac55cf9e01f761fa3f7b1acf29ccd_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:e54f4a96ccf3006a96a3336af93390741ca18195db31252a6d29b7176464a78a_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:17bc11d364fae94c2392147297b75c3bcdc80eec7c73016eb2cd225851f96a9f_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:97584a9024698d85418baaadce793a69914c2ed0ef49398cf6609757bd85ac19_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:f11733667d88fe4411fb6d975de3ba68028895f59fe1ae70566dbd2ffbff17f0_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:e5b754780949cf4aaec013385133817be2cae832de4a3dcc53ce2041e2922e46_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:32b6d98c6fc14499531535c301bc0f34976cf8c172898e728808bd1a31987557_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:9b890daea8a5b20722e273b7e1e12752cb739181745810ffaae6bdd5d59be84b_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:d476cd325d60b035e990f241a7d2e888f59a859008b5f4c4829e7ce894951290_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-36221",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-08-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995656"
}
],
"notes": [
{
"category": "description",
"text": "A race condition flaw was found in Go. The incoming requests body weren\u0027t closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the impacted RHOSP packages.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF1.3, no update will be provided at this time for the STF1.3 sg-core-container. Additionally, because Service Telemetry Framework1.2 will be retiring soon, no update will be provided at this time for the STF1.2 smart-gateway-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:421222e82c3b137992ee05f0cb3564c8ce04bbe9582a26c62df6793d7248bb42_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:98c37aeb7d37c3dbbc51705ef00e6d0bf0fc34f89b6433d1b6c7dbabd8a18b56_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:addd2534475c44a2bbedc9d1c833255a8070a0bfb9f5a1457cb56693926315be_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:006a540ef57adcd939a85a4915fa3dbc63fd2b105c2f43c2b46d8de5108f6925_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:054b789cdfc9797aae8dcb9b2787274ea6ee304a753ff2567fc147b8aceff203_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:0559883044ebb6d30405b64851187a09faee0ee142bb9aa1cc8011d5c4a43728_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e747c1f5f990563ee1df544037dfc4c2f7cd647c09441acb29331635feefa439_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e98bd13e0530f61268dd6486fbccd4a2eda4e11cf9dfcf2997eb309f22cd4f48_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:ae35e80aa25c5b3a26145805053e10688b1b51929b9b7001063a126568744225_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:bc01bdbc5ac3d24a4000bcc182662dd3bb3609a6a62339b36baa99a75dee8a81_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:15be113cd998050b49fb6465b8f14345578d7296327d5951d13d506b63ebfd2f_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:b19b70fb4aa1dc0665ab05dd4a6223eaf5c7ad3d077048bee9fa6d473a54f5e1_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:d576a57b826f626f037343f2017f540973575a21a59641e12c365b19d511ffd8_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:12f867f73893acc7aa4d6bdbb08d1ef14bc56595cce9d1c709065e34a4a81817_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:81fdd996a36fa37bf3f4c101bb25414b43c72538766a51ec4a346293eb37a63e_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:8f73fe01cd4211ed37231f38fd25383cfd9b7f2ca6b9417833d2fea450cd8b7b_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:0b8b299869e821e8431e3860d6b47879ade5df19b08610a1f87b0d03a1c0ec7b_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:206382a742e2b885efb2b866a358bb1559d0c67dca0801816e12b6a9e6efc81c_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:cb011bd1409ff54a7fcfdb892ead7907c86e46f8733af91a2eb3089ccbd54ee5_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:ad3d1087af547c494d7cee9b2dac6e91196ac55cf9e01f761fa3f7b1acf29ccd_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:e54f4a96ccf3006a96a3336af93390741ca18195db31252a6d29b7176464a78a_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:17bc11d364fae94c2392147297b75c3bcdc80eec7c73016eb2cd225851f96a9f_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:97584a9024698d85418baaadce793a69914c2ed0ef49398cf6609757bd85ac19_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:f11733667d88fe4411fb6d975de3ba68028895f59fe1ae70566dbd2ffbff17f0_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:e5b754780949cf4aaec013385133817be2cae832de4a3dcc53ce2041e2922e46_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:32b6d98c6fc14499531535c301bc0f34976cf8c172898e728808bd1a31987557_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:9b890daea8a5b20722e273b7e1e12752cb739181745810ffaae6bdd5d59be84b_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:d476cd325d60b035e990f241a7d2e888f59a859008b5f4c4829e7ce894951290_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36221"
},
{
"category": "external",
"summary": "RHBZ#1995656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk",
"url": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://docs.openshift.com/container-platform/latest/distr_tracing/distr_tracing_install/distr-tracing-updating.html",
"product_ids": [
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:421222e82c3b137992ee05f0cb3564c8ce04bbe9582a26c62df6793d7248bb42_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:98c37aeb7d37c3dbbc51705ef00e6d0bf0fc34f89b6433d1b6c7dbabd8a18b56_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:addd2534475c44a2bbedc9d1c833255a8070a0bfb9f5a1457cb56693926315be_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:006a540ef57adcd939a85a4915fa3dbc63fd2b105c2f43c2b46d8de5108f6925_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:054b789cdfc9797aae8dcb9b2787274ea6ee304a753ff2567fc147b8aceff203_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:0559883044ebb6d30405b64851187a09faee0ee142bb9aa1cc8011d5c4a43728_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e747c1f5f990563ee1df544037dfc4c2f7cd647c09441acb29331635feefa439_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e98bd13e0530f61268dd6486fbccd4a2eda4e11cf9dfcf2997eb309f22cd4f48_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:ae35e80aa25c5b3a26145805053e10688b1b51929b9b7001063a126568744225_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:bc01bdbc5ac3d24a4000bcc182662dd3bb3609a6a62339b36baa99a75dee8a81_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:15be113cd998050b49fb6465b8f14345578d7296327d5951d13d506b63ebfd2f_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:b19b70fb4aa1dc0665ab05dd4a6223eaf5c7ad3d077048bee9fa6d473a54f5e1_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:d576a57b826f626f037343f2017f540973575a21a59641e12c365b19d511ffd8_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:12f867f73893acc7aa4d6bdbb08d1ef14bc56595cce9d1c709065e34a4a81817_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:81fdd996a36fa37bf3f4c101bb25414b43c72538766a51ec4a346293eb37a63e_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:8f73fe01cd4211ed37231f38fd25383cfd9b7f2ca6b9417833d2fea450cd8b7b_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:0b8b299869e821e8431e3860d6b47879ade5df19b08610a1f87b0d03a1c0ec7b_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:206382a742e2b885efb2b866a358bb1559d0c67dca0801816e12b6a9e6efc81c_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:cb011bd1409ff54a7fcfdb892ead7907c86e46f8733af91a2eb3089ccbd54ee5_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:ad3d1087af547c494d7cee9b2dac6e91196ac55cf9e01f761fa3f7b1acf29ccd_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:e54f4a96ccf3006a96a3336af93390741ca18195db31252a6d29b7176464a78a_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:17bc11d364fae94c2392147297b75c3bcdc80eec7c73016eb2cd225851f96a9f_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:97584a9024698d85418baaadce793a69914c2ed0ef49398cf6609757bd85ac19_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:f11733667d88fe4411fb6d975de3ba68028895f59fe1ae70566dbd2ffbff17f0_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:e5b754780949cf4aaec013385133817be2cae832de4a3dcc53ce2041e2922e46_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:32b6d98c6fc14499531535c301bc0f34976cf8c172898e728808bd1a31987557_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:9b890daea8a5b20722e273b7e1e12752cb739181745810ffaae6bdd5d59be84b_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:d476cd325d60b035e990f241a7d2e888f59a859008b5f4c4829e7ce894951290_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0318"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:421222e82c3b137992ee05f0cb3564c8ce04bbe9582a26c62df6793d7248bb42_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:98c37aeb7d37c3dbbc51705ef00e6d0bf0fc34f89b6433d1b6c7dbabd8a18b56_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:addd2534475c44a2bbedc9d1c833255a8070a0bfb9f5a1457cb56693926315be_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:006a540ef57adcd939a85a4915fa3dbc63fd2b105c2f43c2b46d8de5108f6925_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:054b789cdfc9797aae8dcb9b2787274ea6ee304a753ff2567fc147b8aceff203_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:0559883044ebb6d30405b64851187a09faee0ee142bb9aa1cc8011d5c4a43728_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e747c1f5f990563ee1df544037dfc4c2f7cd647c09441acb29331635feefa439_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e98bd13e0530f61268dd6486fbccd4a2eda4e11cf9dfcf2997eb309f22cd4f48_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:ae35e80aa25c5b3a26145805053e10688b1b51929b9b7001063a126568744225_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:bc01bdbc5ac3d24a4000bcc182662dd3bb3609a6a62339b36baa99a75dee8a81_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:15be113cd998050b49fb6465b8f14345578d7296327d5951d13d506b63ebfd2f_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:b19b70fb4aa1dc0665ab05dd4a6223eaf5c7ad3d077048bee9fa6d473a54f5e1_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:d576a57b826f626f037343f2017f540973575a21a59641e12c365b19d511ffd8_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:12f867f73893acc7aa4d6bdbb08d1ef14bc56595cce9d1c709065e34a4a81817_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:81fdd996a36fa37bf3f4c101bb25414b43c72538766a51ec4a346293eb37a63e_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:8f73fe01cd4211ed37231f38fd25383cfd9b7f2ca6b9417833d2fea450cd8b7b_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:0b8b299869e821e8431e3860d6b47879ade5df19b08610a1f87b0d03a1c0ec7b_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:206382a742e2b885efb2b866a358bb1559d0c67dca0801816e12b6a9e6efc81c_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:cb011bd1409ff54a7fcfdb892ead7907c86e46f8733af91a2eb3089ccbd54ee5_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:ad3d1087af547c494d7cee9b2dac6e91196ac55cf9e01f761fa3f7b1acf29ccd_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:e54f4a96ccf3006a96a3336af93390741ca18195db31252a6d29b7176464a78a_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:17bc11d364fae94c2392147297b75c3bcdc80eec7c73016eb2cd225851f96a9f_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:97584a9024698d85418baaadce793a69914c2ed0ef49398cf6609757bd85ac19_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:f11733667d88fe4411fb6d975de3ba68028895f59fe1ae70566dbd2ffbff17f0_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:e5b754780949cf4aaec013385133817be2cae832de4a3dcc53ce2041e2922e46_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:32b6d98c6fc14499531535c301bc0f34976cf8c172898e728808bd1a31987557_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:9b890daea8a5b20722e273b7e1e12752cb739181745810ffaae6bdd5d59be84b_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:d476cd325d60b035e990f241a7d2e888f59a859008b5f4c4829e7ce894951290_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:421222e82c3b137992ee05f0cb3564c8ce04bbe9582a26c62df6793d7248bb42_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:98c37aeb7d37c3dbbc51705ef00e6d0bf0fc34f89b6433d1b6c7dbabd8a18b56_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-agent-rhel8@sha256:addd2534475c44a2bbedc9d1c833255a8070a0bfb9f5a1457cb56693926315be_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:006a540ef57adcd939a85a4915fa3dbc63fd2b105c2f43c2b46d8de5108f6925_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:054b789cdfc9797aae8dcb9b2787274ea6ee304a753ff2567fc147b8aceff203_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-all-in-one-rhel8@sha256:0559883044ebb6d30405b64851187a09faee0ee142bb9aa1cc8011d5c4a43728_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:cd9f5edfe04560ce6b53298dcb3b26d3893916a55c5cffb6b699b2ebb03dd4b7_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e747c1f5f990563ee1df544037dfc4c2f7cd647c09441acb29331635feefa439_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-collector-rhel8@sha256:e98bd13e0530f61268dd6486fbccd4a2eda4e11cf9dfcf2997eb309f22cd4f48_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:81b861e6c53934eb556f568f099d421f0d351a62e390fab639fc987c40ad8c70_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:ae35e80aa25c5b3a26145805053e10688b1b51929b9b7001063a126568744225_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-index-cleaner-rhel8@sha256:bc01bdbc5ac3d24a4000bcc182662dd3bb3609a6a62339b36baa99a75dee8a81_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:15be113cd998050b49fb6465b8f14345578d7296327d5951d13d506b63ebfd2f_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:b19b70fb4aa1dc0665ab05dd4a6223eaf5c7ad3d077048bee9fa6d473a54f5e1_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-es-rollover-rhel8@sha256:dd9536b4b7e1a3ee7a5a8eb62b9ff3b84a897d2acd01243be815445003b42738_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c0f8ddd8da5763b62f720efcc29107db6e5f409a3f77cd93f907966440af3720_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:c761e663dd0492ef64068b3188d02319664338592e194c44337e08002dc6402f_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-ingester-rhel8@sha256:d576a57b826f626f037343f2017f540973575a21a59641e12c365b19d511ffd8_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:12f867f73893acc7aa4d6bdbb08d1ef14bc56595cce9d1c709065e34a4a81817_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:81fdd996a36fa37bf3f4c101bb25414b43c72538766a51ec4a346293eb37a63e_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-operator-bundle@sha256:8f73fe01cd4211ed37231f38fd25383cfd9b7f2ca6b9417833d2fea450cd8b7b_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:0b8b299869e821e8431e3860d6b47879ade5df19b08610a1f87b0d03a1c0ec7b_s390x",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:206382a742e2b885efb2b866a358bb1559d0c67dca0801816e12b6a9e6efc81c_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-query-rhel8@sha256:cb011bd1409ff54a7fcfdb892ead7907c86e46f8733af91a2eb3089ccbd54ee5_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:ad3d1087af547c494d7cee9b2dac6e91196ac55cf9e01f761fa3f7b1acf29ccd_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:d6395747de09f00b92145d2617e2d38b905a05d6805e2096769935ed7e3515ce_amd64",
"8Base-RHOSDT-2.1:rhosdt/jaeger-rhel8-operator@sha256:e54f4a96ccf3006a96a3336af93390741ca18195db31252a6d29b7176464a78a_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:17bc11d364fae94c2392147297b75c3bcdc80eec7c73016eb2cd225851f96a9f_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:97584a9024698d85418baaadce793a69914c2ed0ef49398cf6609757bd85ac19_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-collector-rhel8@sha256:f11733667d88fe4411fb6d975de3ba68028895f59fe1ae70566dbd2ffbff17f0_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:3145f795e66f2fee18641e939bf076f6c335b59b13d47e5089db62f4bce1561a_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:6bf00aa0bd41ec7521219723b84e69849f528d84c17bd9d67feaa35fa46f6bae_ppc64le",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-operator-bundle@sha256:e5b754780949cf4aaec013385133817be2cae832de4a3dcc53ce2041e2922e46_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:32b6d98c6fc14499531535c301bc0f34976cf8c172898e728808bd1a31987557_amd64",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:9b890daea8a5b20722e273b7e1e12752cb739181745810ffaae6bdd5d59be84b_s390x",
"8Base-RHOSDT-2.1:rhosdt/opentelemetry-rhel8-operator@sha256:d476cd325d60b035e990f241a7d2e888f59a859008b5f4c4829e7ce894951290_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic"
}
]
}
rhsa-2022_0998
Vulnerability from csaf_redhat
Published
2022-03-23 22:12
Modified
2024-09-18 14:40
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (golang-github-vbatts-tar-split) security update
Notes
Topic
An update for golang-github-vbatts-tar-split is now available for Red Hat
OpenStack Platform 16.2 (Train).
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Security Fix(es):
* net: incorrect parsing of extraneous zero characters at the beginning of
an IP address octet (CVE-2021-29923)
* crypto/tls: certificate of wrong type is causing TLS client to panic
(CVE-2021-34558)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for golang-github-vbatts-tar-split is now available for Red Hat\nOpenStack Platform 16.2 (Train).\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Security Fix(es):\n\n* net: incorrect parsing of extraneous zero characters at the beginning of\nan IP address octet (CVE-2021-29923)\n\n* crypto/tls: certificate of wrong type is causing TLS client to panic\n(CVE-2021-34558)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0998",
"url": "https://access.redhat.com/errata/RHSA-2022:0998"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0998.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (golang-github-vbatts-tar-split) security update",
"tracking": {
"current_release_date": "2024-09-18T14:40:20+00:00",
"generator": {
"date": "2024-09-18T14:40:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0998",
"initial_release_date": "2022-03-23T22:12:28+00:00",
"revision_history": [
{
"date": "2022-03-23T22:12:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-03-23T22:12:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:40:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 16.2",
"product": {
"name": "Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:16.2::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"product": {
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"product_id": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-vbatts-tar-split@0.11.1-6.el8ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64",
"product": {
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64",
"product_id": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-vbatts-tar-split@0.11.1-6.el8ost?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"product": {
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"product_id": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-vbatts-tar-split@0.11.1-6.el8ost?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le"
},
"product_reference": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src"
},
"product_reference": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
},
"product_reference": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0998"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-34558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1983596"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate\u0027s private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0\u20131.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This vulnerability potentially affects any component written in Go that uses crypto/tls from the standard library. It is possible for components that make client connections to malicious servers to be exploited, however the maximum impact is a crash. This vulnerability is rated Low for the following components: \n - OpenShift Container Platform\n - OpenShift distributed tracing (formerly OpenShift Jaeger)\n - OpenShift Migration Toolkit for Containers\n - Red Hat Advanced Cluster Management for Kubernetes\n - Red Hat OpenShift on AWS\n - Red Hat OpenShift Virtualization\n\n* Because OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34558"
},
{
"category": "external",
"summary": "RHBZ#1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.15.minor",
"url": "https://golang.org/doc/devel/release#go1.15.minor"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.16.minor",
"url": "https://golang.org/doc/devel/release#go1.16.minor"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0998"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"8Base-RHOS-16.2:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic"
}
]
}
rhsa-2022_0989
Vulnerability from csaf_redhat
Published
2022-03-24 10:58
Modified
2024-09-18 14:40
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (golang-qpid-apache) security update
Notes
Topic
An update for golang-qpid-apache is now available for Red Hat OpenStack
Platform 16.1 (Train).
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Golang binding library for qpid-proton
Security Fix(es):
* net: incorrect parsing of extraneous zero characters at the beginning of
an IP address octet (CVE-2021-29923)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for golang-qpid-apache is now available for Red Hat OpenStack\nPlatform 16.1 (Train).\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Golang binding library for qpid-proton\n\nSecurity Fix(es):\n\n* net: incorrect parsing of extraneous zero characters at the beginning of\nan IP address octet (CVE-2021-29923)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0989",
"url": "https://access.redhat.com/errata/RHSA-2022:0989"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0989.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (golang-qpid-apache) security update",
"tracking": {
"current_release_date": "2024-09-18T14:40:44+00:00",
"generator": {
"date": "2024-09-18T14:40:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0989",
"initial_release_date": "2022-03-24T10:58:33+00:00",
"revision_history": [
{
"date": "2022-03-24T10:58:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-03-24T10:58:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:40:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 16.1",
"product": {
"name": "Red Hat OpenStack Platform 16.1",
"product_id": "8Base-RHOS-16.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:16.1::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src",
"product": {
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src",
"product_id": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-qpid-apache@0.32.0-rc1.9.el8ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64",
"product": {
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64",
"product_id": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-qpid-apache@0.32.0-rc1.9.el8ost?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le",
"product": {
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le",
"product_id": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-qpid-apache@0.32.0-rc1.9.el8ost?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.1",
"product_id": "8Base-RHOS-16.1:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le"
},
"product_reference": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src as a component of Red Hat OpenStack Platform 16.1",
"product_id": "8Base-RHOS-16.1:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src"
},
"product_reference": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src",
"relates_to_product_reference": "8Base-RHOS-16.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.1",
"product_id": "8Base-RHOS-16.1:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64"
},
"product_reference": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.1:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le",
"8Base-RHOS-16.1:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src",
"8Base-RHOS-16.1:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.1:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le",
"8Base-RHOS-16.1:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src",
"8Base-RHOS-16.1:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0989"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOS-16.1:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le",
"8Base-RHOS-16.1:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src",
"8Base-RHOS-16.1:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.1:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le",
"8Base-RHOS-16.1:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src",
"8Base-RHOS-16.1:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
}
]
}
rhsa-2022_1276
Vulnerability from csaf_redhat
Published
2022-04-07 18:02
Modified
2024-09-18 14:41
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.0.9 security update
Notes
Topic
Red Hat OpenShift Service Mesh 2.0.9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
This advisory covers the RPM packages for the release.
Security Fix(es):
* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)
* envoy: Incorrect configuration handling allows mTLS session re-use without re-validation (CVE-2022-21654)
* envoy: Incorrect handling of internal redirects to routes with a direct response entry (CVE-2022-21655)
* istio: Unauthenticated control plane denial of service attack due to stack exhaustion (CVE-2022-24726)
* golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension (CVE-2020-28851)
* golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852)
* nodejs-axios: Regular expression denial of service in trim function (CVE-2021-3749)
* ulikunitz/xz: Infinite loop in readUvarint allows for denial of service (CVE-2021-29482)
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)
* golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)
* envoy: Null pointer dereference when using JWT filter safe_regex match (CVE-2021-43824)
* envoy: Use-after-free when response filters increase response data (CVE-2021-43825)
* envoy: Use-after-free when tunneling TCP over HTTP (CVE-2021-43826)
* envoy: Stack exhaustion when a cluster is deleted via Cluster Discovery Service (CVE-2022-23606)
* istio: unauthenticated control plane denial of service attack (CVE-2022-23635)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh 2.0.9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.\n\nThis advisory covers the RPM packages for the release.\n\nSecurity Fix(es):\n\n* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)\n\n* envoy: Incorrect configuration handling allows mTLS session re-use without re-validation (CVE-2022-21654)\n\n* envoy: Incorrect handling of internal redirects to routes with a direct response entry (CVE-2022-21655)\n\n* istio: Unauthenticated control plane denial of service attack due to stack exhaustion (CVE-2022-24726)\n\n* golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension (CVE-2020-28851)\n\n* golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852)\n\n* nodejs-axios: Regular expression denial of service in trim function (CVE-2021-3749)\n\n* ulikunitz/xz: Infinite loop in readUvarint allows for denial of service (CVE-2021-29482)\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)\n\n* golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)\n\n* envoy: Null pointer dereference when using JWT filter safe_regex match (CVE-2021-43824)\n\n* envoy: Use-after-free when response filters increase response data (CVE-2021-43825)\n\n* envoy: Use-after-free when tunneling TCP over HTTP (CVE-2021-43826)\n\n* envoy: Stack exhaustion when a cluster is deleted via Cluster Discovery Service (CVE-2022-23606)\n\n* istio: unauthenticated control plane denial of service attack (CVE-2022-23635)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:1276",
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1913333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333"
},
{
"category": "external",
"summary": "1913338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338"
},
{
"category": "external",
"summary": "1921650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650"
},
{
"category": "external",
"summary": "1954368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954368"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "1995656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
},
{
"category": "external",
"summary": "1999784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999784"
},
{
"category": "external",
"summary": "2030787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030787"
},
{
"category": "external",
"summary": "2050744",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050744"
},
{
"category": "external",
"summary": "2050746",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050746"
},
{
"category": "external",
"summary": "2050748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050748"
},
{
"category": "external",
"summary": "2050753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050753"
},
{
"category": "external",
"summary": "2050757",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050757"
},
{
"category": "external",
"summary": "2050758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050758"
},
{
"category": "external",
"summary": "2057277",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2057277"
},
{
"category": "external",
"summary": "2061638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061638"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_1276.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.0.9 security update",
"tracking": {
"current_release_date": "2024-09-18T14:41:08+00:00",
"generator": {
"date": "2024-09-18T14:41:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:1276",
"initial_release_date": "2022-04-07T18:02:07+00:00",
"revision_history": [
{
"date": "2022-04-07T18:02:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-04-07T18:02:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:41:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Service Mesh 2.0",
"product": {
"name": "OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "kiali-0:v1.24.7.redhat1-1.el8.src",
"product": {
"name": "kiali-0:v1.24.7.redhat1-1.el8.src",
"product_id": "kiali-0:v1.24.7.redhat1-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kiali@v1.24.7.redhat1-1.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "servicemesh-proxy-0:2.0.9-3.el8.src",
"product": {
"name": "servicemesh-proxy-0:2.0.9-3.el8.src",
"product_id": "servicemesh-proxy-0:2.0.9-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-proxy@2.0.9-3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "servicemesh-operator-0:2.0.9-3.el8.src",
"product": {
"name": "servicemesh-operator-0:2.0.9-3.el8.src",
"product_id": "servicemesh-operator-0:2.0.9-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-operator@2.0.9-3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "servicemesh-0:2.0.9-3.el8.src",
"product": {
"name": "servicemesh-0:2.0.9-3.el8.src",
"product_id": "servicemesh-0:2.0.9-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh@2.0.9-3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"product": {
"name": "servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"product_id": "servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-prometheus@2.14.0-16.el8.1?arch=src"
}
}
},
{
"category": "product_version",
"name": "servicemesh-cni-0:2.0.9-3.el8.src",
"product": {
"name": "servicemesh-cni-0:2.0.9-3.el8.src",
"product_id": "servicemesh-cni-0:2.0.9-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-cni@2.0.9-3.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"product": {
"name": "kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"product_id": "kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kiali@v1.24.7.redhat1-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-proxy-0:2.0.9-3.el8.x86_64",
"product": {
"name": "servicemesh-proxy-0:2.0.9-3.el8.x86_64",
"product_id": "servicemesh-proxy-0:2.0.9-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-proxy@2.0.9-3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-operator-0:2.0.9-3.el8.x86_64",
"product": {
"name": "servicemesh-operator-0:2.0.9-3.el8.x86_64",
"product_id": "servicemesh-operator-0:2.0.9-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-operator@2.0.9-3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-0:2.0.9-3.el8.x86_64",
"product": {
"name": "servicemesh-0:2.0.9-3.el8.x86_64",
"product_id": "servicemesh-0:2.0.9-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh@2.0.9-3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"product": {
"name": "servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"product_id": "servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-istioctl@2.0.9-3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"product": {
"name": "servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"product_id": "servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-mixc@2.0.9-3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"product": {
"name": "servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"product_id": "servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-mixs@2.0.9-3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"product": {
"name": "servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"product_id": "servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-pilot-agent@2.0.9-3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"product": {
"name": "servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"product_id": "servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-pilot-discovery@2.0.9-3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"product": {
"name": "servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"product_id": "servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-prometheus@2.14.0-16.el8.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-cni-0:2.0.9-3.el8.x86_64",
"product": {
"name": "servicemesh-cni-0:2.0.9-3.el8.x86_64",
"product_id": "servicemesh-cni-0:2.0.9-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-cni@2.0.9-3.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"product": {
"name": "kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"product_id": "kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kiali@v1.24.7.redhat1-1.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"product": {
"name": "servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"product_id": "servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-proxy@2.0.9-3.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"product": {
"name": "servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"product_id": "servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-operator@2.0.9-3.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "servicemesh-0:2.0.9-3.el8.ppc64le",
"product": {
"name": "servicemesh-0:2.0.9-3.el8.ppc64le",
"product_id": "servicemesh-0:2.0.9-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh@2.0.9-3.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"product": {
"name": "servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"product_id": "servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-istioctl@2.0.9-3.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"product": {
"name": "servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"product_id": "servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-mixc@2.0.9-3.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"product": {
"name": "servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"product_id": "servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-mixs@2.0.9-3.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"product": {
"name": "servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"product_id": "servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-pilot-agent@2.0.9-3.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"product": {
"name": "servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"product_id": "servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-pilot-discovery@2.0.9-3.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"product": {
"name": "servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"product_id": "servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-prometheus@2.14.0-16.el8.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"product": {
"name": "servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"product_id": "servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-cni@2.0.9-3.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kiali-0:v1.24.7.redhat1-1.el8.s390x",
"product": {
"name": "kiali-0:v1.24.7.redhat1-1.el8.s390x",
"product_id": "kiali-0:v1.24.7.redhat1-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kiali@v1.24.7.redhat1-1.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "servicemesh-proxy-0:2.0.9-3.el8.s390x",
"product": {
"name": "servicemesh-proxy-0:2.0.9-3.el8.s390x",
"product_id": "servicemesh-proxy-0:2.0.9-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-proxy@2.0.9-3.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "servicemesh-operator-0:2.0.9-3.el8.s390x",
"product": {
"name": "servicemesh-operator-0:2.0.9-3.el8.s390x",
"product_id": "servicemesh-operator-0:2.0.9-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-operator@2.0.9-3.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "servicemesh-0:2.0.9-3.el8.s390x",
"product": {
"name": "servicemesh-0:2.0.9-3.el8.s390x",
"product_id": "servicemesh-0:2.0.9-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh@2.0.9-3.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"product": {
"name": "servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"product_id": "servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-istioctl@2.0.9-3.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "servicemesh-mixc-0:2.0.9-3.el8.s390x",
"product": {
"name": "servicemesh-mixc-0:2.0.9-3.el8.s390x",
"product_id": "servicemesh-mixc-0:2.0.9-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-mixc@2.0.9-3.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "servicemesh-mixs-0:2.0.9-3.el8.s390x",
"product": {
"name": "servicemesh-mixs-0:2.0.9-3.el8.s390x",
"product_id": "servicemesh-mixs-0:2.0.9-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-mixs@2.0.9-3.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"product": {
"name": "servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"product_id": "servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-pilot-agent@2.0.9-3.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"product": {
"name": "servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"product_id": "servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-pilot-discovery@2.0.9-3.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"product": {
"name": "servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"product_id": "servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-prometheus@2.14.0-16.el8.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "servicemesh-cni-0:2.0.9-3.el8.s390x",
"product": {
"name": "servicemesh-cni-0:2.0.9-3.el8.s390x",
"product_id": "servicemesh-cni-0:2.0.9-3.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-cni@2.0.9-3.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kiali-0:v1.24.7.redhat1-1.el8.ppc64le as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le"
},
"product_reference": "kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kiali-0:v1.24.7.redhat1-1.el8.s390x as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x"
},
"product_reference": "kiali-0:v1.24.7.redhat1-1.el8.s390x",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kiali-0:v1.24.7.redhat1-1.el8.src as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src"
},
"product_reference": "kiali-0:v1.24.7.redhat1-1.el8.src",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kiali-0:v1.24.7.redhat1-1.el8.x86_64 as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64"
},
"product_reference": "kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-0:2.0.9-3.el8.ppc64le as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le"
},
"product_reference": "servicemesh-0:2.0.9-3.el8.ppc64le",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-0:2.0.9-3.el8.s390x as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x"
},
"product_reference": "servicemesh-0:2.0.9-3.el8.s390x",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-0:2.0.9-3.el8.src as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src"
},
"product_reference": "servicemesh-0:2.0.9-3.el8.src",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-0:2.0.9-3.el8.x86_64 as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64"
},
"product_reference": "servicemesh-0:2.0.9-3.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-cni-0:2.0.9-3.el8.ppc64le as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le"
},
"product_reference": "servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-cni-0:2.0.9-3.el8.s390x as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x"
},
"product_reference": "servicemesh-cni-0:2.0.9-3.el8.s390x",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-cni-0:2.0.9-3.el8.src as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src"
},
"product_reference": "servicemesh-cni-0:2.0.9-3.el8.src",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-cni-0:2.0.9-3.el8.x86_64 as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64"
},
"product_reference": "servicemesh-cni-0:2.0.9-3.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-istioctl-0:2.0.9-3.el8.ppc64le as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le"
},
"product_reference": "servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-istioctl-0:2.0.9-3.el8.s390x as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x"
},
"product_reference": "servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-istioctl-0:2.0.9-3.el8.x86_64 as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64"
},
"product_reference": "servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-mixc-0:2.0.9-3.el8.ppc64le as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le"
},
"product_reference": "servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-mixc-0:2.0.9-3.el8.s390x as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x"
},
"product_reference": "servicemesh-mixc-0:2.0.9-3.el8.s390x",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-mixc-0:2.0.9-3.el8.x86_64 as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64"
},
"product_reference": "servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-mixs-0:2.0.9-3.el8.ppc64le as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le"
},
"product_reference": "servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-mixs-0:2.0.9-3.el8.s390x as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x"
},
"product_reference": "servicemesh-mixs-0:2.0.9-3.el8.s390x",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-mixs-0:2.0.9-3.el8.x86_64 as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64"
},
"product_reference": "servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-operator-0:2.0.9-3.el8.ppc64le as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le"
},
"product_reference": "servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-operator-0:2.0.9-3.el8.s390x as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x"
},
"product_reference": "servicemesh-operator-0:2.0.9-3.el8.s390x",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-operator-0:2.0.9-3.el8.src as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src"
},
"product_reference": "servicemesh-operator-0:2.0.9-3.el8.src",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-operator-0:2.0.9-3.el8.x86_64 as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64"
},
"product_reference": "servicemesh-operator-0:2.0.9-3.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le"
},
"product_reference": "servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-pilot-agent-0:2.0.9-3.el8.s390x as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x"
},
"product_reference": "servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64 as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64"
},
"product_reference": "servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le"
},
"product_reference": "servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x"
},
"product_reference": "servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64 as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64"
},
"product_reference": "servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le"
},
"product_reference": "servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-prometheus-0:2.14.0-16.el8.1.s390x as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x"
},
"product_reference": "servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-prometheus-0:2.14.0-16.el8.1.src as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src"
},
"product_reference": "servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64 as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64"
},
"product_reference": "servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-proxy-0:2.0.9-3.el8.ppc64le as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le"
},
"product_reference": "servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-proxy-0:2.0.9-3.el8.s390x as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x"
},
"product_reference": "servicemesh-proxy-0:2.0.9-3.el8.s390x",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-proxy-0:2.0.9-3.el8.src as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src"
},
"product_reference": "servicemesh-proxy-0:2.0.9-3.el8.src",
"relates_to_product_reference": "8Base-OSSM-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-proxy-0:2.0.9-3.el8.x86_64 as a component of OpenShift Service Mesh 2.0",
"product_id": "8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
},
"product_reference": "servicemesh-proxy-0:2.0.9-3.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-2.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-28851",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org. In x/text, an \"index out of range\" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Below Red Hat products include the affected version of \u0027golang.org/x/text\u0027, however the language package is not being used and hence they are rated as having a security impact of Low. A future update may address this issue.\n\n* Red Hat OpenShift Container Storage 4\n* OpenShift ServiceMesh (OSSM)\n* Red Hat Gluster Storage 3\n* Windows Container Support for Red Hat OpenShift\n\nOnly three components in OpenShift Container Platform include the affected package, \u0027golang.org/x/text/language\u0027 , the installer, baremetal installer and thanos container images. All other components that include a version of \u0027golang.org/x/text\u0027 do not include the \u0027language\u0027 package and are therefore not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64"
],
"known_not_affected": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28851"
},
{
"category": "external",
"summary": "RHBZ#1913333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28851",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28851"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28851",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28851"
}
],
"release_date": "2021-01-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension"
},
{
"cve": "CVE-2020-28852",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2021-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org. In x/text, a \"slice bounds out of range\" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Below Red Hat products include the affected version of \u0027golang.org/x/text\u0027, however the language package is not being used and hence they are rated as having a security impact of Low. A future update may address this issue.\n\n* Red Hat OpenShift Container Storage 4\n* OpenShift ServiceMesh (OSSM)\n* Red Hat Gluster Storage 3\n* Windows Container Support for Red Hat OpenShift\n\nOnly three components in OpenShift Container Platform include the affected package, \u0027golang.org/x/text/language\u0027 , the installer, baremetal installer and thanos container images. All other components that include a version of \u0027golang.org/x/text\u0027 do not include the \u0027language\u0027 package and are therefore not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64"
],
"known_not_affected": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28852"
},
{
"category": "external",
"summary": "RHBZ#1913338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28852",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28852"
}
],
"release_date": "2021-01-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag"
},
{
"cve": "CVE-2021-3121",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2021-01-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1921650"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/gogo/protobuf before 1.3.2 that allows an out-of-bounds access when unmarshalling certain protobuf objects. This flaw allows a remote attacker to send crafted protobuf messages, causing panic and resulting in a denial of service. The highest threat from this vulnerability is to availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM) and Red Hat OpenShift Jaeger (RHOSJ) all include code generated by github.com/gogo/protobuf to parse protobuf messages. However, no component is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate for OCP, OSSM and RHOSJ.\n\nOpenShift Virtualization includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no component of OpenShift Virtualization is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no RHACM component is accepting protobuf messages from unauthenticated sources and are used with a limited scope, hence this vulnerability is rated Moderate for RHACM.\n\nRed Hat Cluster Application Migration (CAM) includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no CAM component is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate for CAM.\n\nCryostat-2 is affected as it does ship gogo/protobuf library with it\u0027s distribution but the only use for Protobuf would be the Kubernetes/OpenShift API server the operator communicates with and it should be authenticated hence it is affected with Moderate impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64"
],
"known_not_affected": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3121"
},
{
"category": "external",
"summary": "RHBZ#1921650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121"
}
],
"release_date": "2021-01-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation"
},
{
"cve": "CVE-2021-3749",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999784"
}
],
"notes": [
{
"category": "description",
"text": "A Regular Expression Denial of Service (ReDoS) vulnerability was found in the nodejs axios. This flaw allows an attacker to provide crafted input to the trim function, which might cause high resources consumption and as a consequence lead to denial of service. The highest threat from this vulnerability is system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-axios: Regular expression denial of service in trim function",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* OpenShift Container Platform (OCP) grafana-container does package a vulnerable version of nodejs axios. However, due to the instance being read only and behind OpenShift OAuth, the impact of this vulnerability is Low.\n\n* Red Hat Advanced Cluster Management for Kubernetes (RHACM) 2.1 and previous versions does contain a vulnerable version of nodejs axios, RHACM 2.2 on towards are not affected versions. For RHACM 2.1, due to the instance being read only and behind OAuth, the impact of this vulnerability is Low.\n\n* Because Service Telemetry Framework 1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF\u0027s service-telemetry-operator-container and smart-gateway-operator-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64"
],
"known_not_affected": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3749"
},
{
"category": "external",
"summary": "RHBZ#1999784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999784"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3749",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3749"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/5b457116e31db0e88fede6c428e969e87f290929",
"url": "https://github.com/axios/axios/commit/5b457116e31db0e88fede6c428e969e87f290929"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/1e8f07fc-c384-4ff9-8498-0690de2e8c31",
"url": "https://huntr.dev/bounties/1e8f07fc-c384-4ff9-8498-0690de2e8c31"
}
],
"release_date": "2021-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-axios: Regular expression denial of service in trim function"
},
{
"cve": "CVE-2021-29482",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-04-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1954368"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/ulikunitz/xz. The function readUvarint may not terminate a loop what could lead to denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ulikunitz/xz: Infinite loop in readUvarint allows for denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are behind OpenShift OAuth authentication, therefore the impact is low.\nIn OCP before 4.7 the buildah, skopeo and podman packages include vulnerable version of github.com/ulikunitz/xz, but these OCP releases are already in the Maintenance Phase of the support, hence affected components are marked as wontfix. This may be fixed in the future.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64"
],
"known_not_affected": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29482"
},
{
"category": "external",
"summary": "RHBZ#1954368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954368"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29482",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29482"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29482",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29482"
}
],
"release_date": "2020-08-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ulikunitz/xz: Infinite loop in readUvarint allows for denial of service"
},
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
],
"known_not_affected": [
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-36221",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-08-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995656"
}
],
"notes": [
{
"category": "description",
"text": "A race condition flaw was found in Go. The incoming requests body weren\u0027t closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the impacted RHOSP packages.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF1.3, no update will be provided at this time for the STF1.3 sg-core-container. Additionally, because Service Telemetry Framework1.2 will be retiring soon, no update will be provided at this time for the STF1.2 smart-gateway-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64"
],
"known_not_affected": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36221"
},
{
"category": "external",
"summary": "RHBZ#1995656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk",
"url": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic"
},
{
"cve": "CVE-2021-43565",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030787"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s an input validation flaw in golang.org/x/crypto\u0027s readCipherPacket() function. An unauthenticated attacker who sends an empty plaintext packet to a program linked with golang.org/x/crypto/ssh could cause a panic, potentially leading to denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto: empty plaintext packet causes panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "go-toolset shipped with Red Hat Developer Tools - Compilers and golang shipped with Red Hat Enterprise Linux 8 are not affected by this flaw because they do not ship the vulnerable code.\n\nThis flaw was rated to have a Moderate impact because it is not shipped in the Golang standard library and thus has a reduced impact to products compared with other flaws of this type.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64"
],
"known_not_affected": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43565"
},
{
"category": "external",
"summary": "RHBZ#2030787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030787"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565"
}
],
"release_date": "2021-12-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/crypto: empty plaintext packet causes panic"
},
{
"cve": "CVE-2021-43824",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2022-02-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050744"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in envoy. A crafted request can potentially trigger a NULL pointer dereference when using a WT filter safe_regex match.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Null pointer dereference when using JWT filter safe_regex match",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
],
"known_not_affected": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43824"
},
{
"category": "external",
"summary": "RHBZ#2050744",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050744"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43824",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43824"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43824",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43824"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vj5m-rch8-5r2p",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vj5m-rch8-5r2p"
}
],
"release_date": "2022-02-22T07:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Null pointer dereference when using JWT filter safe_regex match"
},
{
"cve": "CVE-2021-43825",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-02-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050746"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in envoy. If the amount of buffered data by envoy goes over the limit, the buffer may overflow while a response is being processed by the filter chain. This issue possibly causes the operation to abort incorrectly, resulting in the access of a freed memory block.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Use-after-free when response filters increase response data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
],
"known_not_affected": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43825"
},
{
"category": "external",
"summary": "RHBZ#2050746",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050746"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43825",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43825"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43825",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43825"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-h69p-g6xg-mhhh",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-h69p-g6xg-mhhh"
}
],
"release_date": "2022-02-22T07:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Use-after-free when response filters increase response data"
},
{
"cve": "CVE-2021-43826",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-02-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050748"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in envoy. If a downstream source disconnects during upstream connection establishment when tunneling TCP over HTTP, a use-after-free can occur, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Use-after-free when tunneling TCP over HTTP",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
],
"known_not_affected": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43826"
},
{
"category": "external",
"summary": "RHBZ#2050748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43826",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43826"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43826",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43826"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-cmx3-fvgf-83mf",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-cmx3-fvgf-83mf"
}
],
"release_date": "2022-02-22T07:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Use-after-free when tunneling TCP over HTTP"
},
{
"cve": "CVE-2022-21654",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2022-02-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050753"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in envoy. When certificate validation settings are changed, incorrect configuration handling allows TLS session reuse without revalidation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Incorrect configuration handling allows mTLS session re-use without re-validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
],
"known_not_affected": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21654"
},
{
"category": "external",
"summary": "RHBZ#2050753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050753"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21654",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21654"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21654",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21654"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-5j4x-g36v-m283",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-5j4x-g36v-m283"
}
],
"release_date": "2022-02-22T07:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: Incorrect configuration handling allows mTLS session re-use without re-validation"
},
{
"cve": "CVE-2022-21655",
"cwe": {
"id": "CWE-670",
"name": "Always-Incorrect Control Flow Implementation"
},
"discovery_date": "2022-02-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050757"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in envoy. Due to incorrect handling of the common router, a segfault is possible when internal redirects are routes with a direct response entry.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Incorrect handling of internal redirects to routes with a direct response entry",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
],
"known_not_affected": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21655"
},
{
"category": "external",
"summary": "RHBZ#2050757",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050757"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21655",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21655"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21655",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21655"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7r5p-7fmh-jxpg",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7r5p-7fmh-jxpg"
}
],
"release_date": "2022-02-22T07:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: Incorrect handling of internal redirects to routes with a direct response entry"
},
{
"cve": "CVE-2022-23606",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-02-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2050758"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in envoy. When a cluster is deleted via the Cluster Discovery Service, a stack exhaustion may occur.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Stack exhaustion when a cluster is deleted via Cluster Discovery Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
],
"known_not_affected": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23606"
},
{
"category": "external",
"summary": "RHBZ#2050758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050758"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23606",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23606"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23606",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23606"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-9vp2-4cp7-vvxf",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-9vp2-4cp7-vvxf"
}
],
"release_date": "2022-02-22T07:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Stack exhaustion when a cluster is deleted via Cluster Discovery Service"
},
{
"cve": "CVE-2022-23635",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2022-02-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2057277"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in istio. This flaw allows an attacker to send a specially crafted message to isitiod, causing the control plane to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "istio: unauthenticated control plane denial of service attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64"
],
"known_not_affected": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23635"
},
{
"category": "external",
"summary": "RHBZ#2057277",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2057277"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23635"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23635",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23635"
},
{
"category": "external",
"summary": "https://istio.io/latest/news/security/istio-security-2022-003",
"url": "https://istio.io/latest/news/security/istio-security-2022-003"
}
],
"release_date": "2022-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "istio: unauthenticated control plane denial of service attack"
},
{
"acknowledgments": [
{
"names": [
"Oliver Liu, John Howard and Jacob Delgado"
],
"organization": "Istio Product Security Working Group",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2022-24726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-03-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2061638"
}
],
"notes": [
{
"category": "description",
"text": "A stack exhaustion flaw was found in the Istio control plane. This flaw allows a remote unauthenticated attacker to send a specially crafted or oversized message to crash the control plane process, resulting in a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "istio: Unauthenticated control plane denial of service attack due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64"
],
"known_not_affected": [
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.ppc64le",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.s390x",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.src",
"8Base-OSSM-2.0:kiali-0:v1.24.7.redhat1-1.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-cni-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-operator-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.ppc64le",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.s390x",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.src",
"8Base-OSSM-2.0:servicemesh-prometheus-0:2.14.0-16.el8.1.x86_64",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-proxy-0:2.0.9-3.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24726"
},
{
"category": "external",
"summary": "RHBZ#2061638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061638"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24726",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24726"
},
{
"category": "external",
"summary": "https://istio.io/latest/news/security/istio-security-2022-004/",
"url": "https://istio.io/latest/news/security/istio-security-2022-004/"
}
],
"release_date": "2022-03-09T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.src",
"8Base-OSSM-2.0:servicemesh-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-istioctl-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixc-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-mixs-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-agent-0:2.0.9-3.el8.x86_64",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.ppc64le",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.s390x",
"8Base-OSSM-2.0:servicemesh-pilot-discovery-0:2.0.9-3.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "istio: Unauthenticated control plane denial of service attack due to stack exhaustion"
}
]
}
rhsa-2021_4914
Vulnerability from csaf_redhat
Published
2021-12-02 16:59
Modified
2024-09-18 14:40
Summary
Red Hat Security Advisory: OpenShift Virtualization 4.8.3 Images security and bug fix update
Notes
Topic
Red Hat OpenShift Virtualization release 4.8.3 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains the following OpenShift Virtualization 4.8.3 images:
RHEL-8-CNV-4.8
==============
hostpath-provisioner-container-v4.8.3-4
kubevirt-v2v-conversion-container-v4.8.3-3
virt-cdi-cloner-container-v4.8.3-4
virt-cdi-operator-container-v4.8.3-4
virt-cdi-uploadproxy-container-v4.8.3-4
virt-launcher-container-v4.8.3-9
vm-import-operator-container-v4.8.3-7
virt-cdi-apiserver-container-v4.8.3-4
kubevirt-vmware-container-v4.8.3-3
virt-api-container-v4.8.3-9
vm-import-virtv2v-container-v4.8.3-7
virtio-win-container-v4.8.3-3
node-maintenance-operator-container-v4.8.3-2
hostpath-provisioner-operator-container-v4.8.3-4
virt-cdi-controller-container-v4.8.3-4
virt-cdi-importer-container-v4.8.3-4
bridge-marker-container-v4.8.3-3
ovs-cni-marker-container-v4.8.3-3
virt-handler-container-v4.8.3-9
virt-controller-container-v4.8.3-9
cnv-containernetworking-plugins-container-v4.8.3-3
kubevirt-template-validator-container-v4.8.3-3
hyperconverged-cluster-webhook-container-v4.8.3-5
ovs-cni-plugin-container-v4.8.3-3
hyperconverged-cluster-operator-container-v4.8.3-5
kubevirt-ssp-operator-container-v4.8.3-4
virt-cdi-uploadserver-container-v4.8.3-4
kubemacpool-container-v4.8.3-5
vm-import-controller-container-v4.8.3-7
virt-operator-container-v4.8.3-9
kubernetes-nmstate-handler-container-v4.8.3-8
cnv-must-gather-container-v4.8.3-12
cluster-network-addons-operator-container-v4.8.3-8
hco-bundle-registry-container-v4.8.3-58
Security Fix(es):
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release 4.8.3 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 4.8.3 images:\n\nRHEL-8-CNV-4.8\n==============\nhostpath-provisioner-container-v4.8.3-4\nkubevirt-v2v-conversion-container-v4.8.3-3\nvirt-cdi-cloner-container-v4.8.3-4\nvirt-cdi-operator-container-v4.8.3-4\nvirt-cdi-uploadproxy-container-v4.8.3-4\nvirt-launcher-container-v4.8.3-9\nvm-import-operator-container-v4.8.3-7\nvirt-cdi-apiserver-container-v4.8.3-4\nkubevirt-vmware-container-v4.8.3-3\nvirt-api-container-v4.8.3-9\nvm-import-virtv2v-container-v4.8.3-7\nvirtio-win-container-v4.8.3-3\nnode-maintenance-operator-container-v4.8.3-2\nhostpath-provisioner-operator-container-v4.8.3-4\nvirt-cdi-controller-container-v4.8.3-4\nvirt-cdi-importer-container-v4.8.3-4\nbridge-marker-container-v4.8.3-3\novs-cni-marker-container-v4.8.3-3\nvirt-handler-container-v4.8.3-9\nvirt-controller-container-v4.8.3-9\ncnv-containernetworking-plugins-container-v4.8.3-3\nkubevirt-template-validator-container-v4.8.3-3\nhyperconverged-cluster-webhook-container-v4.8.3-5\novs-cni-plugin-container-v4.8.3-3\nhyperconverged-cluster-operator-container-v4.8.3-5\nkubevirt-ssp-operator-container-v4.8.3-4\nvirt-cdi-uploadserver-container-v4.8.3-4\nkubemacpool-container-v4.8.3-5\nvm-import-controller-container-v4.8.3-7\nvirt-operator-container-v4.8.3-9\nkubernetes-nmstate-handler-container-v4.8.3-8\ncnv-must-gather-container-v4.8.3-12\ncluster-network-addons-operator-container-v4.8.3-8\nhco-bundle-registry-container-v4.8.3-58\n\nSecurity Fix(es):\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:4914",
"url": "https://access.redhat.com/errata/RHSA-2021:4914"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "1997017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997017"
},
{
"category": "external",
"summary": "1998855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1998855"
},
{
"category": "external",
"summary": "2000251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000251"
},
{
"category": "external",
"summary": "2001270",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001270"
},
{
"category": "external",
"summary": "2001281",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001281"
},
{
"category": "external",
"summary": "2001901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001901"
},
{
"category": "external",
"summary": "2007336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007336"
},
{
"category": "external",
"summary": "2007776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007776"
},
{
"category": "external",
"summary": "2008511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008511"
},
{
"category": "external",
"summary": "2012890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2012890"
},
{
"category": "external",
"summary": "2025475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025475"
},
{
"category": "external",
"summary": "2026881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026881"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_4914.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization 4.8.3 Images security and bug fix update",
"tracking": {
"current_release_date": "2024-09-18T14:40:10+00:00",
"generator": {
"date": "2024-09-18T14:40:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:4914",
"initial_release_date": "2021-12-02T16:59:15+00:00",
"revision_history": [
{
"date": "2021-12-02T16:59:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-12-02T16:59:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:40:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 4.8 for RHEL 8",
"product": {
"name": "CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:4.8::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:aba87ec7c157d63dee9d025ef57dead5f3d8feb0a5e0f52ff217f4747b02cfd6_amd64",
"product": {
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:aba87ec7c157d63dee9d025ef57dead5f3d8feb0a5e0f52ff217f4747b02cfd6_amd64",
"product_id": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:aba87ec7c157d63dee9d025ef57dead5f3d8feb0a5e0f52ff217f4747b02cfd6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-handler-rhel8@sha256:aba87ec7c157d63dee9d025ef57dead5f3d8feb0a5e0f52ff217f4747b02cfd6?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubernetes-nmstate-handler-rhel8\u0026tag=v4.8.3-8"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:4cec70b8f22c1c9bb4f623374f7fffd4edff33eee91217a0bae4b89a5ef4ab98_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:4cec70b8f22c1c9bb4f623374f7fffd4edff33eee91217a0bae4b89a5ef4ab98_amd64",
"product_id": "container-native-virtualization/kubevirt-v2v-conversion@sha256:4cec70b8f22c1c9bb4f623374f7fffd4edff33eee91217a0bae4b89a5ef4ab98_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-v2v-conversion@sha256:4cec70b8f22c1c9bb4f623374f7fffd4edff33eee91217a0bae4b89a5ef4ab98?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-v2v-conversion\u0026tag=v4.8.3-3"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-vmware@sha256:463d9cedb17f2c73f9826141cff4db72c8036b3504dfb1e2892c5928cac7ce02_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-vmware@sha256:463d9cedb17f2c73f9826141cff4db72c8036b3504dfb1e2892c5928cac7ce02_amd64",
"product_id": "container-native-virtualization/kubevirt-vmware@sha256:463d9cedb17f2c73f9826141cff4db72c8036b3504dfb1e2892c5928cac7ce02_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-vmware@sha256:463d9cedb17f2c73f9826141cff4db72c8036b3504dfb1e2892c5928cac7ce02?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-vmware\u0026tag=v4.8.3-3"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/node-maintenance-operator@sha256:5dbe0b381d7db82b09c8c56b89a3c3fb5765e48f239ba092482247674ef9db25_amd64",
"product": {
"name": "container-native-virtualization/node-maintenance-operator@sha256:5dbe0b381d7db82b09c8c56b89a3c3fb5765e48f239ba092482247674ef9db25_amd64",
"product_id": "container-native-virtualization/node-maintenance-operator@sha256:5dbe0b381d7db82b09c8c56b89a3c3fb5765e48f239ba092482247674ef9db25_amd64",
"product_identification_helper": {
"purl": "pkg:oci/node-maintenance-operator@sha256:5dbe0b381d7db82b09c8c56b89a3c3fb5765e48f239ba092482247674ef9db25?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/node-maintenance-operator\u0026tag=v4.8.3-2"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-controller@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"product": {
"name": "container-native-virtualization/vm-import-controller@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"product_id": "container-native-virtualization/vm-import-controller@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-controller@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller\u0026tag=v4.8.3-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"product": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"product_id": "container-native-virtualization/vm-import-controller-rhel8@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-controller-rhel8@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller-rhel8\u0026tag=v4.8.3-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:0599dbcdd281283ab17d8f758a59e893e21a5459217e7c723e3621c5ca890d73_amd64",
"product": {
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:0599dbcdd281283ab17d8f758a59e893e21a5459217e7c723e3621c5ca890d73_amd64",
"product_id": "container-native-virtualization/vm-import-operator-rhel8@sha256:0599dbcdd281283ab17d8f758a59e893e21a5459217e7c723e3621c5ca890d73_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-operator-rhel8@sha256:0599dbcdd281283ab17d8f758a59e893e21a5459217e7c723e3621c5ca890d73?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-operator-rhel8\u0026tag=v4.8.3-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:c7593fb08d76457327f38f8a146a01fca13ac7c8eeb990bb9b5bd9028368f8dd_amd64",
"product": {
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:c7593fb08d76457327f38f8a146a01fca13ac7c8eeb990bb9b5bd9028368f8dd_amd64",
"product_id": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:c7593fb08d76457327f38f8a146a01fca13ac7c8eeb990bb9b5bd9028368f8dd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-virtv2v-rhel8@sha256:c7593fb08d76457327f38f8a146a01fca13ac7c8eeb990bb9b5bd9028368f8dd?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-virtv2v-rhel8\u0026tag=v4.8.3-7"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:aba87ec7c157d63dee9d025ef57dead5f3d8feb0a5e0f52ff217f4747b02cfd6_amd64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:aba87ec7c157d63dee9d025ef57dead5f3d8feb0a5e0f52ff217f4747b02cfd6_amd64"
},
"product_reference": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:aba87ec7c157d63dee9d025ef57dead5f3d8feb0a5e0f52ff217f4747b02cfd6_amd64",
"relates_to_product_reference": "8Base-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:4cec70b8f22c1c9bb4f623374f7fffd4edff33eee91217a0bae4b89a5ef4ab98_amd64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:4cec70b8f22c1c9bb4f623374f7fffd4edff33eee91217a0bae4b89a5ef4ab98_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-v2v-conversion@sha256:4cec70b8f22c1c9bb4f623374f7fffd4edff33eee91217a0bae4b89a5ef4ab98_amd64",
"relates_to_product_reference": "8Base-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-vmware@sha256:463d9cedb17f2c73f9826141cff4db72c8036b3504dfb1e2892c5928cac7ce02_amd64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:463d9cedb17f2c73f9826141cff4db72c8036b3504dfb1e2892c5928cac7ce02_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-vmware@sha256:463d9cedb17f2c73f9826141cff4db72c8036b3504dfb1e2892c5928cac7ce02_amd64",
"relates_to_product_reference": "8Base-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/node-maintenance-operator@sha256:5dbe0b381d7db82b09c8c56b89a3c3fb5765e48f239ba092482247674ef9db25_amd64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:5dbe0b381d7db82b09c8c56b89a3c3fb5765e48f239ba092482247674ef9db25_amd64"
},
"product_reference": "container-native-virtualization/node-maintenance-operator@sha256:5dbe0b381d7db82b09c8c56b89a3c3fb5765e48f239ba092482247674ef9db25_amd64",
"relates_to_product_reference": "8Base-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64"
},
"product_reference": "container-native-virtualization/vm-import-controller-rhel8@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"relates_to_product_reference": "8Base-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-controller@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64"
},
"product_reference": "container-native-virtualization/vm-import-controller@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"relates_to_product_reference": "8Base-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:0599dbcdd281283ab17d8f758a59e893e21a5459217e7c723e3621c5ca890d73_amd64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:0599dbcdd281283ab17d8f758a59e893e21a5459217e7c723e3621c5ca890d73_amd64"
},
"product_reference": "container-native-virtualization/vm-import-operator-rhel8@sha256:0599dbcdd281283ab17d8f758a59e893e21a5459217e7c723e3621c5ca890d73_amd64",
"relates_to_product_reference": "8Base-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:c7593fb08d76457327f38f8a146a01fca13ac7c8eeb990bb9b5bd9028368f8dd_amd64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:c7593fb08d76457327f38f8a146a01fca13ac7c8eeb990bb9b5bd9028368f8dd_amd64"
},
"product_reference": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:c7593fb08d76457327f38f8a146a01fca13ac7c8eeb990bb9b5bd9028368f8dd_amd64",
"relates_to_product_reference": "8Base-CNV-4.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:aba87ec7c157d63dee9d025ef57dead5f3d8feb0a5e0f52ff217f4747b02cfd6_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:4cec70b8f22c1c9bb4f623374f7fffd4edff33eee91217a0bae4b89a5ef4ab98_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:463d9cedb17f2c73f9826141cff4db72c8036b3504dfb1e2892c5928cac7ce02_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:5dbe0b381d7db82b09c8c56b89a3c3fb5765e48f239ba092482247674ef9db25_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:0599dbcdd281283ab17d8f758a59e893e21a5459217e7c723e3621c5ca890d73_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:c7593fb08d76457327f38f8a146a01fca13ac7c8eeb990bb9b5bd9028368f8dd_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:aba87ec7c157d63dee9d025ef57dead5f3d8feb0a5e0f52ff217f4747b02cfd6_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:4cec70b8f22c1c9bb4f623374f7fffd4edff33eee91217a0bae4b89a5ef4ab98_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:463d9cedb17f2c73f9826141cff4db72c8036b3504dfb1e2892c5928cac7ce02_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:5dbe0b381d7db82b09c8c56b89a3c3fb5765e48f239ba092482247674ef9db25_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:0599dbcdd281283ab17d8f758a59e893e21a5459217e7c723e3621c5ca890d73_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:c7593fb08d76457327f38f8a146a01fca13ac7c8eeb990bb9b5bd9028368f8dd_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4914"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:aba87ec7c157d63dee9d025ef57dead5f3d8feb0a5e0f52ff217f4747b02cfd6_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:4cec70b8f22c1c9bb4f623374f7fffd4edff33eee91217a0bae4b89a5ef4ab98_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:463d9cedb17f2c73f9826141cff4db72c8036b3504dfb1e2892c5928cac7ce02_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:5dbe0b381d7db82b09c8c56b89a3c3fb5765e48f239ba092482247674ef9db25_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:0599dbcdd281283ab17d8f758a59e893e21a5459217e7c723e3621c5ca890d73_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:c7593fb08d76457327f38f8a146a01fca13ac7c8eeb990bb9b5bd9028368f8dd_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:aba87ec7c157d63dee9d025ef57dead5f3d8feb0a5e0f52ff217f4747b02cfd6_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:4cec70b8f22c1c9bb4f623374f7fffd4edff33eee91217a0bae4b89a5ef4ab98_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:463d9cedb17f2c73f9826141cff4db72c8036b3504dfb1e2892c5928cac7ce02_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:5dbe0b381d7db82b09c8c56b89a3c3fb5765e48f239ba092482247674ef9db25_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:0599dbcdd281283ab17d8f758a59e893e21a5459217e7c723e3621c5ca890d73_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:c7593fb08d76457327f38f8a146a01fca13ac7c8eeb990bb9b5bd9028368f8dd_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-34558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1983596"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate\u0027s private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0\u20131.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This vulnerability potentially affects any component written in Go that uses crypto/tls from the standard library. It is possible for components that make client connections to malicious servers to be exploited, however the maximum impact is a crash. This vulnerability is rated Low for the following components: \n - OpenShift Container Platform\n - OpenShift distributed tracing (formerly OpenShift Jaeger)\n - OpenShift Migration Toolkit for Containers\n - Red Hat Advanced Cluster Management for Kubernetes\n - Red Hat OpenShift on AWS\n - Red Hat OpenShift Virtualization\n\n* Because OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:aba87ec7c157d63dee9d025ef57dead5f3d8feb0a5e0f52ff217f4747b02cfd6_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:4cec70b8f22c1c9bb4f623374f7fffd4edff33eee91217a0bae4b89a5ef4ab98_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:463d9cedb17f2c73f9826141cff4db72c8036b3504dfb1e2892c5928cac7ce02_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:5dbe0b381d7db82b09c8c56b89a3c3fb5765e48f239ba092482247674ef9db25_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:0599dbcdd281283ab17d8f758a59e893e21a5459217e7c723e3621c5ca890d73_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:c7593fb08d76457327f38f8a146a01fca13ac7c8eeb990bb9b5bd9028368f8dd_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34558"
},
{
"category": "external",
"summary": "RHBZ#1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.15.minor",
"url": "https://golang.org/doc/devel/release#go1.15.minor"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.16.minor",
"url": "https://golang.org/doc/devel/release#go1.16.minor"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:aba87ec7c157d63dee9d025ef57dead5f3d8feb0a5e0f52ff217f4747b02cfd6_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:4cec70b8f22c1c9bb4f623374f7fffd4edff33eee91217a0bae4b89a5ef4ab98_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:463d9cedb17f2c73f9826141cff4db72c8036b3504dfb1e2892c5928cac7ce02_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:5dbe0b381d7db82b09c8c56b89a3c3fb5765e48f239ba092482247674ef9db25_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:0599dbcdd281283ab17d8f758a59e893e21a5459217e7c723e3621c5ca890d73_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:c7593fb08d76457327f38f8a146a01fca13ac7c8eeb990bb9b5bd9028368f8dd_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4914"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:aba87ec7c157d63dee9d025ef57dead5f3d8feb0a5e0f52ff217f4747b02cfd6_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:4cec70b8f22c1c9bb4f623374f7fffd4edff33eee91217a0bae4b89a5ef4ab98_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:463d9cedb17f2c73f9826141cff4db72c8036b3504dfb1e2892c5928cac7ce02_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:5dbe0b381d7db82b09c8c56b89a3c3fb5765e48f239ba092482247674ef9db25_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:0599dbcdd281283ab17d8f758a59e893e21a5459217e7c723e3621c5ca890d73_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:c7593fb08d76457327f38f8a146a01fca13ac7c8eeb990bb9b5bd9028368f8dd_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:aba87ec7c157d63dee9d025ef57dead5f3d8feb0a5e0f52ff217f4747b02cfd6_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:4cec70b8f22c1c9bb4f623374f7fffd4edff33eee91217a0bae4b89a5ef4ab98_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:463d9cedb17f2c73f9826141cff4db72c8036b3504dfb1e2892c5928cac7ce02_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:5dbe0b381d7db82b09c8c56b89a3c3fb5765e48f239ba092482247674ef9db25_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:95165db1682a6ecaa4ed5156b7903cf80be348be39e30e2a6f683a54f9f919be_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:0599dbcdd281283ab17d8f758a59e893e21a5459217e7c723e3621c5ca890d73_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:c7593fb08d76457327f38f8a146a01fca13ac7c8eeb990bb9b5bd9028368f8dd_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic"
}
]
}
rhsa-2022_0561
Vulnerability from csaf_redhat
Published
2022-02-23 12:57
Modified
2022-02-23 12:57
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.9.22 security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.9.22 is now available with
updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container
Platform 4.9.22. See the following advisory for the RPM packages for this
release:
https://access.redhat.com/errata/RHSA-2022:0557
Space precludes documenting all of the container images in this advisory.
See the following Release Notes documentation, which will be updated
shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
Security Fix(es):
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
You may download the oc tool and use it to inspect release image metadata
as follows:
(For x86_64 architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.6.20-x86_64
The image digest is
sha256:912e4b9986f690b894fcb740881e780600e12ab22f128f6f873bc4e1fcda8d13
(For s390x architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.6.20-s390x
The image digest is
sha256:fa19f34390bc50968af736bdedb193b36d5d832b1090bf215e1fe279f05d6c94
(For ppc64le architecture)
$ oc adm release info
quay.io/openshift-release-dev/ocp-release:4.6.20-ppc64le
The image digest is
sha256:857cab82eba0ad370669258da450b89d8c6e5cea25c61ee930f9e30bfcd515dd
All OpenShift Container Platform 4.9 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 2023 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.9.22 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.9.22. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/RHSA-2022:0557\n\nSpace precludes documenting all of the container images in this advisory.\nSee the following Release Notes documentation, which will be updated\nshortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nSecurity Fix(es):\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nYou may download the oc tool and use it to inspect release image metadata\nas follows:\n\n(For x86_64 architecture)\n\n$ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.6.20-x86_64\n\nThe image digest is\nsha256:912e4b9986f690b894fcb740881e780600e12ab22f128f6f873bc4e1fcda8d13\n\n(For s390x architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.6.20-s390x\n\nThe image digest is\nsha256:fa19f34390bc50968af736bdedb193b36d5d832b1090bf215e1fe279f05d6c94\n\n(For ppc64le architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.6.20-ppc64le\n\nThe image digest is\nsha256:857cab82eba0ad370669258da450b89d8c6e5cea25c61ee930f9e30bfcd515dd\n\nAll OpenShift Container Platform 4.9 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0561",
"url": "https://access.redhat.com/errata/RHSA-2022:0561"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0561.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.9.22 security update",
"tracking": {
"current_release_date": "2022-02-23T12:57:00Z",
"generator": {
"date": "2023-07-01T05:21:00Z",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.18.0"
}
},
"id": "RHSA-2022:0561",
"initial_release_date": "2022-02-23T12:57:00Z",
"revision_history": [
{
"date": "2022-02-23T12:57:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.9",
"product": {
"name": "Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"category": "product_version",
"name": "openshift4/egress-router-cni-alt-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"product": {
"name": "openshift4/egress-router-cni-alt-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"product_id": "openshift4/egress-router-cni-alt-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/egress-router-cni-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"product": {
"name": "openshift4/egress-router-cni-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"product_id": "openshift4/egress-router-cni-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/network-tools-rhel8:v4.9.0-202202140924.p0.ged0b846.assembly.stream",
"product": {
"name": "openshift4/network-tools-rhel8:v4.9.0-202202140924.p0.ged0b846.assembly.stream",
"product_id": "openshift4/network-tools-rhel8:v4.9.0-202202140924.p0.ged0b846.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.g18d82a6.assembly.stream",
"product": {
"name": "openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.g18d82a6.assembly.stream",
"product_id": "openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.g18d82a6.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.ge8e2cb3.assembly.stream",
"product": {
"name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.ge8e2cb3.assembly.stream",
"product_id": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.ge8e2cb3.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202202120107.p0.g26f1b6f.assembly.stream",
"product": {
"name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202202120107.p0.g26f1b6f.assembly.stream",
"product_id": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202202120107.p0.g26f1b6f.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-aws-machine-controllers:v4.9.0-202202120107.p0.g8226e86.assembly.stream",
"product": {
"name": "openshift4/ose-aws-machine-controllers:v4.9.0-202202120107.p0.g8226e86.assembly.stream",
"product_id": "openshift4/ose-aws-machine-controllers:v4.9.0-202202120107.p0.g8226e86.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202202120107.p0.g37a1328.assembly.stream",
"product": {
"name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202202120107.p0.g37a1328.assembly.stream",
"product_id": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202202120107.p0.g37a1328.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"product": {
"name": "openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"product_id": "openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"product": {
"name": "openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"product_id": "openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g15e474c.assembly.stream",
"product": {
"name": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g15e474c.assembly.stream",
"product_id": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g15e474c.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202202120107.p0.gade7373.assembly.stream",
"product": {
"name": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202202120107.p0.gade7373.assembly.stream",
"product_id": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202202120107.p0.gade7373.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-azure-machine-controllers:v4.9.0-202202120107.p0.g3bf2b7f.assembly.stream",
"product": {
"name": "openshift4/ose-azure-machine-controllers:v4.9.0-202202120107.p0.g3bf2b7f.assembly.stream",
"product_id": "openshift4/ose-azure-machine-controllers:v4.9.0-202202120107.p0.g3bf2b7f.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-installer-rhel8:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"product": {
"name": "openshift4/ose-baremetal-installer-rhel8:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"product_id": "openshift4/ose-baremetal-installer-rhel8:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-machine-controllers:v4.9.0-202202120107.p0.g1c81cab.assembly.stream",
"product": {
"name": "openshift4/ose-baremetal-machine-controllers:v4.9.0-202202120107.p0.g1c81cab.assembly.stream",
"product_id": "openshift4/ose-baremetal-machine-controllers:v4.9.0-202202120107.p0.g1c81cab.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-rhel8-operator:v4.9.0-202202120107.p0.g6e62a54.assembly.stream",
"product": {
"name": "openshift4/ose-baremetal-rhel8-operator:v4.9.0-202202120107.p0.g6e62a54.assembly.stream",
"product_id": "openshift4/ose-baremetal-rhel8-operator:v4.9.0-202202120107.p0.g6e62a54.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202202152352.p0.g5113d1b.assembly.stream",
"product": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202202152352.p0.g5113d1b.assembly.stream",
"product_id": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202202152352.p0.g5113d1b.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"product": {
"name": "openshift4/ose-cli-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"product_id": "openshift4/ose-cli-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"product": {
"name": "openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"product_id": "openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-artifacts:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"product": {
"name": "openshift4/ose-cli-artifacts:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"product_id": "openshift4/ose-cli-artifacts:v4.9.0-202202140924.p0.g340e212.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"product": {
"name": "openshift4/ose-cli:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"product_id": "openshift4/ose-cli:v4.9.0-202202140924.p0.g340e212.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cloud-credential-operator:v4.9.0-202202120107.p0.gd642d11.assembly.stream",
"product": {
"name": "openshift4/ose-cloud-credential-operator:v4.9.0-202202120107.p0.gd642d11.assembly.stream",
"product_id": "openshift4/ose-cloud-credential-operator:v4.9.0-202202120107.p0.gd642d11.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-authentication-operator:v4.9.0-202202120107.p0.g1d05f80.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-authentication-operator:v4.9.0-202202120107.p0.g1d05f80.assembly.stream",
"product_id": "openshift4/ose-cluster-authentication-operator:v4.9.0-202202120107.p0.g1d05f80.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-autoscaler-operator:v4.9.0-202202120107.p0.gbc20153.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-autoscaler-operator:v4.9.0-202202120107.p0.gbc20153.assembly.stream",
"product_id": "openshift4/ose-cluster-autoscaler-operator:v4.9.0-202202120107.p0.gbc20153.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-autoscaler:v4.9.0-202202120107.p0.g68fe93a.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-autoscaler:v4.9.0-202202120107.p0.g68fe93a.assembly.stream",
"product_id": "openshift4/ose-cluster-autoscaler:v4.9.0-202202120107.p0.g68fe93a.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202202120107.p0.g10af6a9.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202202120107.p0.g10af6a9.assembly.stream",
"product_id": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202202120107.p0.g10af6a9.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-bootstrap:v4.9.0-202202120107.p0.g7e074a7.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-bootstrap:v4.9.0-202202120107.p0.g7e074a7.assembly.stream",
"product_id": "openshift4/ose-cluster-bootstrap:v4.9.0-202202120107.p0.g7e074a7.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202202120107.p0.g1826b16.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202202120107.p0.g1826b16.assembly.stream",
"product_id": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202202120107.p0.g1826b16.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-config-operator:v4.9.0-202202120107.p0.g184a513.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-config-operator:v4.9.0-202202120107.p0.g184a513.assembly.stream",
"product_id": "openshift4/ose-cluster-config-operator:v4.9.0-202202120107.p0.g184a513.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202202120107.p0.gc750d4b.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202202120107.p0.gc750d4b.assembly.stream",
"product_id": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202202120107.p0.gc750d4b.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-dns-operator:v4.9.0-202202120107.p0.geedd0dc.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-dns-operator:v4.9.0-202202120107.p0.geedd0dc.assembly.stream",
"product_id": "openshift4/ose-cluster-dns-operator:v4.9.0-202202120107.p0.geedd0dc.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202202120107.p0.g19c4e72.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202202120107.p0.g19c4e72.assembly.stream",
"product_id": "openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202202120107.p0.g19c4e72.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-image-registry-operator:v4.9.0-202202120107.p0.gd886c13.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-image-registry-operator:v4.9.0-202202120107.p0.gd886c13.assembly.stream",
"product_id": "openshift4/ose-cluster-image-registry-operator:v4.9.0-202202120107.p0.gd886c13.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-ingress-operator:v4.9.0-202202120107.p0.g07c25a6.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-ingress-operator:v4.9.0-202202120107.p0.g07c25a6.assembly.stream",
"product_id": "openshift4/ose-cluster-ingress-operator:v4.9.0-202202120107.p0.g07c25a6.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202202120107.p0.ga895470.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202202120107.p0.ga895470.assembly.stream",
"product_id": "openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202202120107.p0.ga895470.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202202120107.p0.g78b8e48.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202202120107.p0.g78b8e48.assembly.stream",
"product_id": "openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202202120107.p0.g78b8e48.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202202120107.p0.g5694bdd.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202202120107.p0.g5694bdd.assembly.stream",
"product_id": "openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202202120107.p0.g5694bdd.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202202120107.p0.g7245b0f.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202202120107.p0.g7245b0f.assembly.stream",
"product_id": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202202120107.p0.g7245b0f.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-machine-approver:v4.9.0-202202120107.p0.g993ec9f.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-machine-approver:v4.9.0-202202120107.p0.g993ec9f.assembly.stream",
"product_id": "openshift4/ose-cluster-machine-approver:v4.9.0-202202120107.p0.g993ec9f.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-monitoring-operator:v4.9.0-202202120107.p0.gae7b0a3.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-monitoring-operator:v4.9.0-202202120107.p0.gae7b0a3.assembly.stream",
"product_id": "openshift4/ose-cluster-monitoring-operator:v4.9.0-202202120107.p0.gae7b0a3.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-network-operator:v4.9.0-202202152352.p0.g4d93655.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-network-operator:v4.9.0-202202152352.p0.g4d93655.assembly.stream",
"product_id": "openshift4/ose-cluster-network-operator:v4.9.0-202202152352.p0.g4d93655.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-node-tuning-operator:v4.9.0-202202120107.p0.gce0b3ae.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-node-tuning-operator:v4.9.0-202202120107.p0.gce0b3ae.assembly.stream",
"product_id": "openshift4/ose-cluster-node-tuning-operator:v4.9.0-202202120107.p0.gce0b3ae.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202202120107.p0.gd293c31.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202202120107.p0.gd293c31.assembly.stream",
"product_id": "openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202202120107.p0.gd293c31.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202202120107.p0.g3015cb8.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202202120107.p0.g3015cb8.assembly.stream",
"product_id": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202202120107.p0.g3015cb8.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202202120107.p0.g8fbffaf.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202202120107.p0.g8fbffaf.assembly.stream",
"product_id": "openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202202120107.p0.g8fbffaf.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-samples-operator:v4.9.0-202202120107.p0.g9b0a9d7.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-samples-operator:v4.9.0-202202120107.p0.g9b0a9d7.assembly.stream",
"product_id": "openshift4/ose-cluster-samples-operator:v4.9.0-202202120107.p0.g9b0a9d7.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-storage-operator:v4.9.0-202202120107.p0.g2e76e02.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-storage-operator:v4.9.0-202202120107.p0.g2e76e02.assembly.stream",
"product_id": "openshift4/ose-cluster-storage-operator:v4.9.0-202202120107.p0.g2e76e02.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-version-operator:v4.9.0-202202120107.p0.gf2551e5.assembly.stream",
"product": {
"name": "openshift4/ose-cluster-version-operator:v4.9.0-202202120107.p0.gf2551e5.assembly.stream",
"product_id": "openshift4/ose-cluster-version-operator:v4.9.0-202202120107.p0.gf2551e5.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-configmap-reloader:v4.9.0-202202120107.p0.gb84b5bf.assembly.stream",
"product": {
"name": "openshift4/ose-configmap-reloader:v4.9.0-202202120107.p0.gb84b5bf.assembly.stream",
"product_id": "openshift4/ose-configmap-reloader:v4.9.0-202202120107.p0.gb84b5bf.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-console-operator:v4.9.0-202202120107.p0.gfdcb82f.assembly.stream",
"product": {
"name": "openshift4/ose-console-operator:v4.9.0-202202120107.p0.gfdcb82f.assembly.stream",
"product_id": "openshift4/ose-console-operator:v4.9.0-202202120107.p0.gfdcb82f.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-console:v4.9.0-202202151621.p0.gc60ddb0.assembly.stream",
"product": {
"name": "openshift4/ose-console:v4.9.0-202202151621.p0.gc60ddb0.assembly.stream",
"product_id": "openshift4/ose-console:v4.9.0-202202151621.p0.gc60ddb0.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"product": {
"name": "openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"product_id": "openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"product": {
"name": "openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"product_id": "openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-coredns:v4.9.0-202202120107.p0.g3cb11c0.assembly.stream",
"product": {
"name": "openshift4/ose-coredns:v4.9.0-202202120107.p0.g3cb11c0.assembly.stream",
"product_id": "openshift4/ose-coredns:v4.9.0-202202120107.p0.g3cb11c0.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202202120107.p0.gfd2d838.assembly.stream",
"product": {
"name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202202120107.p0.gfd2d838.assembly.stream",
"product_id": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202202120107.p0.gfd2d838.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"product": {
"name": "openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"product_id": "openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202202120107.p0.g0e0c173.assembly.stream",
"product": {
"name": "openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202202120107.p0.g0e0c173.assembly.stream",
"product_id": "openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202202120107.p0.g0e0c173.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"product": {
"name": "openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"product_id": "openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202202120107.p0.g0a1737c.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-attacher:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"product": {
"name": "openshift4/ose-csi-external-attacher:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"product_id": "openshift4/ose-csi-external-attacher:v4.9.0-202202120107.p0.g0a1737c.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-provisioner-rhel8:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"product": {
"name": "openshift4/ose-csi-external-provisioner-rhel8:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"product_id": "openshift4/ose-csi-external-provisioner-rhel8:v4.9.0-202202120107.p0.g7736e72.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-provisioner:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"product": {
"name": "openshift4/ose-csi-external-provisioner:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"product_id": "openshift4/ose-csi-external-provisioner:v4.9.0-202202120107.p0.g7736e72.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"product": {
"name": "openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"product_id": "openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202202120107.p0.gdad46d0.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-resizer:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"product": {
"name": "openshift4/ose-csi-external-resizer:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"product_id": "openshift4/ose-csi-external-resizer:v4.9.0-202202120107.p0.gdad46d0.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"product": {
"name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"product_id": "openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-snapshotter:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"product": {
"name": "openshift4/ose-csi-external-snapshotter:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"product_id": "openshift4/ose-csi-external-snapshotter:v4.9.0-202202120107.p0.g52ab893.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-livenessprobe-rhel8:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"product": {
"name": "openshift4/ose-csi-livenessprobe-rhel8:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"product_id": "openshift4/ose-csi-livenessprobe-rhel8:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-livenessprobe:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"product": {
"name": "openshift4/ose-csi-livenessprobe:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"product_id": "openshift4/ose-csi-livenessprobe:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"product": {
"name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"product_id": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.9.0-202202120107.p0.g3e02b07.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-node-driver-registrar:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"product": {
"name": "openshift4/ose-csi-node-driver-registrar:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"product_id": "openshift4/ose-csi-node-driver-registrar:v4.9.0-202202120107.p0.g3e02b07.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"product": {
"name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"product_id": "openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-snapshot-controller:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"product": {
"name": "openshift4/ose-csi-snapshot-controller:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"product_id": "openshift4/ose-csi-snapshot-controller:v4.9.0-202202120107.p0.g52ab893.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"product": {
"name": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"product_id": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-deployer:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"product": {
"name": "openshift4/ose-deployer:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"product_id": "openshift4/ose-deployer:v4.9.0-202202140924.p0.g340e212.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-docker-builder:v4.9.0-202202120107.p0.g7e2e890.assembly.stream",
"product": {
"name": "openshift4/ose-docker-builder:v4.9.0-202202120107.p0.g7e2e890.assembly.stream",
"product_id": "openshift4/ose-docker-builder:v4.9.0-202202120107.p0.g7e2e890.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-docker-registry:v4.9.0-202202131427.p0.gab2eaa5.assembly.stream",
"product": {
"name": "openshift4/ose-docker-registry:v4.9.0-202202131427.p0.gab2eaa5.assembly.stream",
"product_id": "openshift4/ose-docker-registry:v4.9.0-202202131427.p0.gab2eaa5.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-etcd:v4.9.0-202202120107.p0.gf99cada.assembly.stream",
"product": {
"name": "openshift4/ose-etcd:v4.9.0-202202120107.p0.gf99cada.assembly.stream",
"product_id": "openshift4/ose-etcd:v4.9.0-202202120107.p0.gf99cada.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202202120107.p0.gd92b088.assembly.stream",
"product": {
"name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202202120107.p0.gd92b088.assembly.stream",
"product_id": "openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202202120107.p0.gd92b088.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.gd8a891d.assembly.stream",
"product": {
"name": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.gd8a891d.assembly.stream",
"product_id": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.gd8a891d.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202202120107.p0.g48d49f7.assembly.stream",
"product": {
"name": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202202120107.p0.g48d49f7.assembly.stream",
"product_id": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202202120107.p0.g48d49f7.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-grafana:v4.9.0-202202120107.p0.g6130ba8.assembly.stream",
"product": {
"name": "openshift4/ose-grafana:v4.9.0-202202120107.p0.g6130ba8.assembly.stream",
"product_id": "openshift4/ose-grafana:v4.9.0-202202120107.p0.g6130ba8.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-haproxy-router:v4.9.0-202202120107.p0.g2d1e1f4.assembly.stream",
"product": {
"name": "openshift4/ose-haproxy-router:v4.9.0-202202120107.p0.g2d1e1f4.assembly.stream",
"product_id": "openshift4/ose-haproxy-router:v4.9.0-202202120107.p0.g2d1e1f4.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-hyperkube:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"product": {
"name": "openshift4/ose-hyperkube:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"product_id": "openshift4/ose-hyperkube:v4.9.0-202202120107.p0.gb93fd35.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-insights-rhel8-operator:v4.9.0-202202120107.p0.g3f1401a.assembly.stream",
"product": {
"name": "openshift4/ose-insights-rhel8-operator:v4.9.0-202202120107.p0.g3f1401a.assembly.stream",
"product_id": "openshift4/ose-insights-rhel8-operator:v4.9.0-202202120107.p0.g3f1401a.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer-artifacts:v4.9.0-202202120417.p0.ge9a66d5.assembly.stream",
"product": {
"name": "openshift4/ose-installer-artifacts:v4.9.0-202202120417.p0.ge9a66d5.assembly.stream",
"product_id": "openshift4/ose-installer-artifacts:v4.9.0-202202120417.p0.ge9a66d5.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"product": {
"name": "openshift4/ose-installer:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"product_id": "openshift4/ose-installer:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202202120107.p0.g90b5722.assembly.stream",
"product": {
"name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202202120107.p0.g90b5722.assembly.stream",
"product_id": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202202120107.p0.g90b5722.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-base:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"product": {
"name": "openshift4/ose-jenkins-agent-base:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"product_id": "openshift4/ose-jenkins-agent-base:v4.9.0-202202140924.p0.gaf84740.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-maven:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"product": {
"name": "openshift4/ose-jenkins-agent-maven:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"product_id": "openshift4/ose-jenkins-agent-maven:v4.9.0-202202140924.p0.gaf84740.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"product_id": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202202140924.p0.gaf84740.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"product": {
"name": "openshift4/ose-jenkins:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"product_id": "openshift4/ose-jenkins:v4.9.0-202202140924.p0.gaf84740.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-k8s-prometheus-adapter:v4.9.0-202202120107.p0.gadfdd41.assembly.stream",
"product": {
"name": "openshift4/ose-k8s-prometheus-adapter:v4.9.0-202202120107.p0.gadfdd41.assembly.stream",
"product_id": "openshift4/ose-k8s-prometheus-adapter:v4.9.0-202202120107.p0.gadfdd41.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-kube-proxy:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"product": {
"name": "openshift4/ose-kube-proxy:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"product_id": "openshift4/ose-kube-proxy:v4.9.0-202202120107.p0.gecd60f9.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-kube-rbac-proxy:v4.9.0-202202120107.p0.g58e0929.assembly.stream",
"product": {
"name": "openshift4/ose-kube-rbac-proxy:v4.9.0-202202120107.p0.g58e0929.assembly.stream",
"product_id": "openshift4/ose-kube-rbac-proxy:v4.9.0-202202120107.p0.g58e0929.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-kube-state-metrics:v4.9.0-202202120107.p0.g6e41dbd.assembly.stream",
"product": {
"name": "openshift4/ose-kube-state-metrics:v4.9.0-202202120107.p0.g6e41dbd.assembly.stream",
"product_id": "openshift4/ose-kube-state-metrics:v4.9.0-202202120107.p0.g6e41dbd.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202202120107.p0.g901a6d2.assembly.stream",
"product": {
"name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202202120107.p0.g901a6d2.assembly.stream",
"product_id": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202202120107.p0.g901a6d2.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-kuryr-cni-rhel8:v4.9.0-202202120107.p0.g1e8c94f.assembly.stream",
"product": {
"name": "openshift4/ose-kuryr-cni-rhel8:v4.9.0-202202120107.p0.g1e8c94f.assembly.stream",
"product_id": "openshift4/ose-kuryr-cni-rhel8:v4.9.0-202202120107.p0.g1e8c94f.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-libvirt-machine-controllers:v4.9.0-202202120107.p0.g59ae2ed.assembly.stream",
"product": {
"name": "openshift4/ose-libvirt-machine-controllers:v4.9.0-202202120107.p0.g59ae2ed.assembly.stream",
"product_id": "openshift4/ose-libvirt-machine-controllers:v4.9.0-202202120107.p0.g59ae2ed.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-api-operator:v4.9.0-202202120107.p0.g383c9b9.assembly.stream",
"product": {
"name": "openshift4/ose-machine-api-operator:v4.9.0-202202120107.p0.g383c9b9.assembly.stream",
"product_id": "openshift4/ose-machine-api-operator:v4.9.0-202202120107.p0.g383c9b9.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-config-operator:v4.9.0-202202150825.p0.gd84a7f9.assembly.stream",
"product": {
"name": "openshift4/ose-machine-config-operator:v4.9.0-202202150825.p0.gd84a7f9.assembly.stream",
"product_id": "openshift4/ose-machine-config-operator:v4.9.0-202202150825.p0.gd84a7f9.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-mdns-publisher-rhel8:v4.9.0-202202120107.p0.g266597b.assembly.stream",
"product": {
"name": "openshift4/ose-mdns-publisher-rhel8:v4.9.0-202202120107.p0.g266597b.assembly.stream",
"product_id": "openshift4/ose-mdns-publisher-rhel8:v4.9.0-202202120107.p0.g266597b.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-admission-controller:v4.9.0-202202120107.p0.g3c28a57.assembly.stream",
"product": {
"name": "openshift4/ose-multus-admission-controller:v4.9.0-202202120107.p0.g3c28a57.assembly.stream",
"product_id": "openshift4/ose-multus-admission-controller:v4.9.0-202202120107.p0.g3c28a57.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"product": {
"name": "openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"product_id": "openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202202120107.p0.gc249937.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-cni:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"product": {
"name": "openshift4/ose-multus-cni:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"product_id": "openshift4/ose-multus-cni:v4.9.0-202202120107.p0.gc249937.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202202120107.p0.gfd12fed.assembly.stream",
"product": {
"name": "openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202202120107.p0.gfd12fed.assembly.stream",
"product_id": "openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202202120107.p0.gfd12fed.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"product": {
"name": "openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"product_id": "openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"product": {
"name": "openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"product_id": "openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"product": {
"name": "openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"product_id": "openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"product": {
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"product_id": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-must-gather:v4.9.0-202202141138.p0.gb181f1f.assembly.stream",
"product": {
"name": "openshift4/ose-must-gather:v4.9.0-202202141138.p0.gb181f1f.assembly.stream",
"product_id": "openshift4/ose-must-gather:v4.9.0-202202141138.p0.gb181f1f.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202202120107.p0.g9fd6103.assembly.stream",
"product": {
"name": "openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202202120107.p0.g9fd6103.assembly.stream",
"product_id": "openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202202120107.p0.g9fd6103.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202202120107.p0.g8b203f9.assembly.stream",
"product": {
"name": "openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202202120107.p0.g8b203f9.assembly.stream",
"product_id": "openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202202120107.p0.g8b203f9.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-oauth-proxy:v4.9.0-202202120107.p0.g9ea1ebc.assembly.stream",
"product": {
"name": "openshift4/ose-oauth-proxy:v4.9.0-202202120107.p0.g9ea1ebc.assembly.stream",
"product_id": "openshift4/ose-oauth-proxy:v4.9.0-202202120107.p0.g9ea1ebc.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-oauth-server-rhel8:v4.9.0-202202120107.p0.g1ee9925.assembly.stream",
"product": {
"name": "openshift4/ose-oauth-server-rhel8:v4.9.0-202202120107.p0.g1ee9925.assembly.stream",
"product_id": "openshift4/ose-oauth-server-rhel8:v4.9.0-202202120107.p0.g1ee9925.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202202161322.p0.gfe6dc77.assembly.stream",
"product": {
"name": "openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202202161322.p0.gfe6dc77.assembly.stream",
"product_id": "openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202202161322.p0.gfe6dc77.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202202120107.p0.g79857a3.assembly.stream",
"product": {
"name": "openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202202120107.p0.g79857a3.assembly.stream",
"product_id": "openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202202120107.p0.g79857a3.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202202120107.p0.g689af8b.assembly.stream",
"product": {
"name": "openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202202120107.p0.g689af8b.assembly.stream",
"product_id": "openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202202120107.p0.g689af8b.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g56efc78.assembly.stream",
"product": {
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g56efc78.assembly.stream",
"product_id": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g56efc78.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"product": {
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"product_id": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"product": {
"name": "openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"product_id": "openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-openstack-machine-controllers:v4.9.0-202202120107.p0.ga7442bb.assembly.stream",
"product": {
"name": "openshift4/ose-openstack-machine-controllers:v4.9.0-202202120107.p0.ga7442bb.assembly.stream",
"product_id": "openshift4/ose-openstack-machine-controllers:v4.9.0-202202120107.p0.ga7442bb.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-lifecycle-manager:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"product": {
"name": "openshift4/ose-operator-lifecycle-manager:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"product_id": "openshift4/ose-operator-lifecycle-manager:v4.9.0-202202120107.p0.g3cd421d.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-marketplace:v4.9.0-202202120107.p0.g8594727.assembly.stream",
"product": {
"name": "openshift4/ose-operator-marketplace:v4.9.0-202202120107.p0.g8594727.assembly.stream",
"product_id": "openshift4/ose-operator-marketplace:v4.9.0-202202120107.p0.g8594727.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-registry:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"product": {
"name": "openshift4/ose-operator-registry:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"product_id": "openshift4/ose-operator-registry:v4.9.0-202202120107.p0.g3cd421d.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202202120107.p0.g15a6add.assembly.stream",
"product": {
"name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202202120107.p0.g15a6add.assembly.stream",
"product_id": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202202120107.p0.g15a6add.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes:v4.9.0-202202140924.p0.gce028c9.assembly.stream",
"product": {
"name": "openshift4/ose-ovn-kubernetes:v4.9.0-202202140924.p0.gce028c9.assembly.stream",
"product_id": "openshift4/ose-ovn-kubernetes:v4.9.0-202202140924.p0.gce028c9.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-pod:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"product": {
"name": "openshift4/ose-pod:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"product_id": "openshift4/ose-pod:v4.9.0-202202120107.p0.gb93fd35.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-prom-label-proxy:v4.9.0-202202120107.p0.g9f870bf.assembly.stream",
"product": {
"name": "openshift4/ose-prom-label-proxy:v4.9.0-202202120107.p0.g9f870bf.assembly.stream",
"product_id": "openshift4/ose-prom-label-proxy:v4.9.0-202202120107.p0.g9f870bf.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus-alertmanager:v4.9.0-202202120107.p0.g579e3c6.assembly.stream",
"product": {
"name": "openshift4/ose-prometheus-alertmanager:v4.9.0-202202120107.p0.g579e3c6.assembly.stream",
"product_id": "openshift4/ose-prometheus-alertmanager:v4.9.0-202202120107.p0.g579e3c6.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus-config-reloader:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"product": {
"name": "openshift4/ose-prometheus-config-reloader:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"product_id": "openshift4/ose-prometheus-config-reloader:v4.9.0-202202120107.p0.g0869335.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus-node-exporter:v4.9.0-202202120107.p0.g1ab97f3.assembly.stream",
"product": {
"name": "openshift4/ose-prometheus-node-exporter:v4.9.0-202202120107.p0.g1ab97f3.assembly.stream",
"product_id": "openshift4/ose-prometheus-node-exporter:v4.9.0-202202120107.p0.g1ab97f3.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus-operator:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"product": {
"name": "openshift4/ose-prometheus-operator:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"product_id": "openshift4/ose-prometheus-operator:v4.9.0-202202120107.p0.g0869335.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus:v4.9.0-202202120107.p0.g3197fa7.assembly.stream",
"product": {
"name": "openshift4/ose-prometheus:v4.9.0-202202120107.p0.g3197fa7.assembly.stream",
"product_id": "openshift4/ose-prometheus:v4.9.0-202202120107.p0.g3197fa7.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-sdn-rhel8:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"product": {
"name": "openshift4/ose-sdn-rhel8:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"product_id": "openshift4/ose-sdn-rhel8:v4.9.0-202202120107.p0.gecd60f9.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-ca-operator:v4.9.0-202202120107.p0.gab44f58.assembly.stream",
"product": {
"name": "openshift4/ose-service-ca-operator:v4.9.0-202202120107.p0.gab44f58.assembly.stream",
"product_id": "openshift4/ose-service-ca-operator:v4.9.0-202202120107.p0.gab44f58.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-telemeter:v4.9.0-202202120107.p0.g03842e0.assembly.stream",
"product": {
"name": "openshift4/ose-telemeter:v4.9.0-202202120107.p0.g03842e0.assembly.stream",
"product_id": "openshift4/ose-telemeter:v4.9.0-202202120107.p0.g03842e0.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests:v4.9.0-202202140924.p0.g932d502.assembly.stream",
"product": {
"name": "openshift4/ose-tests:v4.9.0-202202140924.p0.g932d502.assembly.stream",
"product_id": "openshift4/ose-tests:v4.9.0-202202140924.p0.g932d502.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-thanos-rhel8:v4.9.0-202202120107.p0.ge0fa82c.assembly.stream",
"product": {
"name": "openshift4/ose-thanos-rhel8:v4.9.0-202202120107.p0.ge0fa82c.assembly.stream",
"product_id": "openshift4/ose-thanos-rhel8:v4.9.0-202202120107.p0.ge0fa82c.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-tools-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"product": {
"name": "openshift4/ose-tools-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"product_id": "openshift4/ose-tools-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"product": {
"name": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"product_id": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"product": {
"name": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"product_id": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"product": {
"name": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"product_id": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"product": {
"name": "openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"product_id": "openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"product": {
"name": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"product_id": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202202120107.p0.gde8606f.assembly.stream",
"product": {
"name": "openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202202120107.p0.gde8606f.assembly.stream",
"product_id": "openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202202120107.p0.gde8606f.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g9302429.assembly.stream",
"product": {
"name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g9302429.assembly.stream",
"product_id": "openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g9302429.assembly.stream"
}
},
{
"category": "product_version",
"name": "openshift4/ovirt-csi-driver-rhel8:v4.9.0-202202120107.p0.gfe2a7fd.assembly.stream",
"product": {
"name": "openshift4/ovirt-csi-driver-rhel8:v4.9.0-202202120107.p0.gfe2a7fd.assembly.stream",
"product_id": "openshift4/ovirt-csi-driver-rhel8:v4.9.0-202202120107.p0.gfe2a7fd.assembly.stream"
}
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/egress-router-cni-alt-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream"
},
"product_reference": "openshift4/egress-router-cni-alt-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/egress-router-cni-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream"
},
"product_reference": "openshift4/egress-router-cni-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/network-tools-rhel8:v4.9.0-202202140924.p0.ged0b846.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202202140924.p0.ged0b846.assembly.stream"
},
"product_reference": "openshift4/network-tools-rhel8:v4.9.0-202202140924.p0.ged0b846.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.g18d82a6.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.g18d82a6.assembly.stream"
},
"product_reference": "openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.g18d82a6.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.ge8e2cb3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.ge8e2cb3.assembly.stream"
},
"product_reference": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.ge8e2cb3.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202202120107.p0.g26f1b6f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202202120107.p0.g26f1b6f.assembly.stream"
},
"product_reference": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202202120107.p0.g26f1b6f.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-aws-machine-controllers:v4.9.0-202202120107.p0.g8226e86.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202202120107.p0.g8226e86.assembly.stream"
},
"product_reference": "openshift4/ose-aws-machine-controllers:v4.9.0-202202120107.p0.g8226e86.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202202120107.p0.g37a1328.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202202120107.p0.g37a1328.assembly.stream"
},
"product_reference": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202202120107.p0.g37a1328.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream"
},
"product_reference": "openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream"
},
"product_reference": "openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g15e474c.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g15e474c.assembly.stream"
},
"product_reference": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g15e474c.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202202120107.p0.gade7373.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202202120107.p0.gade7373.assembly.stream"
},
"product_reference": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202202120107.p0.gade7373.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-azure-machine-controllers:v4.9.0-202202120107.p0.g3bf2b7f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202202120107.p0.g3bf2b7f.assembly.stream"
},
"product_reference": "openshift4/ose-azure-machine-controllers:v4.9.0-202202120107.p0.g3bf2b7f.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-installer-rhel8:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream"
},
"product_reference": "openshift4/ose-baremetal-installer-rhel8:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-machine-controllers:v4.9.0-202202120107.p0.g1c81cab.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202202120107.p0.g1c81cab.assembly.stream"
},
"product_reference": "openshift4/ose-baremetal-machine-controllers:v4.9.0-202202120107.p0.g1c81cab.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-rhel8-operator:v4.9.0-202202120107.p0.g6e62a54.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202202120107.p0.g6e62a54.assembly.stream"
},
"product_reference": "openshift4/ose-baremetal-rhel8-operator:v4.9.0-202202120107.p0.g6e62a54.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202202152352.p0.g5113d1b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202202152352.p0.g5113d1b.assembly.stream"
},
"product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202202152352.p0.g5113d1b.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream"
},
"product_reference": "openshift4/ose-cli-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream"
},
"product_reference": "openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-artifacts:v4.9.0-202202140924.p0.g340e212.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202202140924.p0.g340e212.assembly.stream"
},
"product_reference": "openshift4/ose-cli-artifacts:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli:v4.9.0-202202140924.p0.g340e212.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202202140924.p0.g340e212.assembly.stream"
},
"product_reference": "openshift4/ose-cli:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cloud-credential-operator:v4.9.0-202202120107.p0.gd642d11.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202202120107.p0.gd642d11.assembly.stream"
},
"product_reference": "openshift4/ose-cloud-credential-operator:v4.9.0-202202120107.p0.gd642d11.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-authentication-operator:v4.9.0-202202120107.p0.g1d05f80.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202202120107.p0.g1d05f80.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-authentication-operator:v4.9.0-202202120107.p0.g1d05f80.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-autoscaler-operator:v4.9.0-202202120107.p0.gbc20153.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202202120107.p0.gbc20153.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-autoscaler-operator:v4.9.0-202202120107.p0.gbc20153.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-autoscaler:v4.9.0-202202120107.p0.g68fe93a.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202202120107.p0.g68fe93a.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-autoscaler:v4.9.0-202202120107.p0.g68fe93a.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202202120107.p0.g10af6a9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202202120107.p0.g10af6a9.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202202120107.p0.g10af6a9.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-bootstrap:v4.9.0-202202120107.p0.g7e074a7.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202202120107.p0.g7e074a7.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-bootstrap:v4.9.0-202202120107.p0.g7e074a7.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202202120107.p0.g1826b16.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202202120107.p0.g1826b16.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202202120107.p0.g1826b16.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-config-operator:v4.9.0-202202120107.p0.g184a513.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202202120107.p0.g184a513.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-config-operator:v4.9.0-202202120107.p0.g184a513.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202202120107.p0.gc750d4b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202202120107.p0.gc750d4b.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202202120107.p0.gc750d4b.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-dns-operator:v4.9.0-202202120107.p0.geedd0dc.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202202120107.p0.geedd0dc.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-dns-operator:v4.9.0-202202120107.p0.geedd0dc.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202202120107.p0.g19c4e72.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202202120107.p0.g19c4e72.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202202120107.p0.g19c4e72.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-image-registry-operator:v4.9.0-202202120107.p0.gd886c13.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202202120107.p0.gd886c13.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-image-registry-operator:v4.9.0-202202120107.p0.gd886c13.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-ingress-operator:v4.9.0-202202120107.p0.g07c25a6.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202202120107.p0.g07c25a6.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-ingress-operator:v4.9.0-202202120107.p0.g07c25a6.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202202120107.p0.ga895470.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202202120107.p0.ga895470.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202202120107.p0.ga895470.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202202120107.p0.g78b8e48.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202202120107.p0.g78b8e48.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202202120107.p0.g78b8e48.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202202120107.p0.g5694bdd.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202202120107.p0.g5694bdd.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202202120107.p0.g5694bdd.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202202120107.p0.g7245b0f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202202120107.p0.g7245b0f.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202202120107.p0.g7245b0f.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-machine-approver:v4.9.0-202202120107.p0.g993ec9f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202202120107.p0.g993ec9f.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-machine-approver:v4.9.0-202202120107.p0.g993ec9f.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-monitoring-operator:v4.9.0-202202120107.p0.gae7b0a3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202202120107.p0.gae7b0a3.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-monitoring-operator:v4.9.0-202202120107.p0.gae7b0a3.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-network-operator:v4.9.0-202202152352.p0.g4d93655.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202202152352.p0.g4d93655.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-network-operator:v4.9.0-202202152352.p0.g4d93655.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-node-tuning-operator:v4.9.0-202202120107.p0.gce0b3ae.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202202120107.p0.gce0b3ae.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-node-tuning-operator:v4.9.0-202202120107.p0.gce0b3ae.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202202120107.p0.gd293c31.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202202120107.p0.gd293c31.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202202120107.p0.gd293c31.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202202120107.p0.g3015cb8.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202202120107.p0.g3015cb8.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202202120107.p0.g3015cb8.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202202120107.p0.g8fbffaf.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202202120107.p0.g8fbffaf.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202202120107.p0.g8fbffaf.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-samples-operator:v4.9.0-202202120107.p0.g9b0a9d7.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202202120107.p0.g9b0a9d7.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-samples-operator:v4.9.0-202202120107.p0.g9b0a9d7.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-storage-operator:v4.9.0-202202120107.p0.g2e76e02.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202202120107.p0.g2e76e02.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-storage-operator:v4.9.0-202202120107.p0.g2e76e02.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-version-operator:v4.9.0-202202120107.p0.gf2551e5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202202120107.p0.gf2551e5.assembly.stream"
},
"product_reference": "openshift4/ose-cluster-version-operator:v4.9.0-202202120107.p0.gf2551e5.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-configmap-reloader:v4.9.0-202202120107.p0.gb84b5bf.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202202120107.p0.gb84b5bf.assembly.stream"
},
"product_reference": "openshift4/ose-configmap-reloader:v4.9.0-202202120107.p0.gb84b5bf.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console-operator:v4.9.0-202202120107.p0.gfdcb82f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202202120107.p0.gfdcb82f.assembly.stream"
},
"product_reference": "openshift4/ose-console-operator:v4.9.0-202202120107.p0.gfdcb82f.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console:v4.9.0-202202151621.p0.gc60ddb0.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202202151621.p0.gc60ddb0.assembly.stream"
},
"product_reference": "openshift4/ose-console:v4.9.0-202202151621.p0.gc60ddb0.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream"
},
"product_reference": "openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream"
},
"product_reference": "openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-coredns:v4.9.0-202202120107.p0.g3cb11c0.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202202120107.p0.g3cb11c0.assembly.stream"
},
"product_reference": "openshift4/ose-coredns:v4.9.0-202202120107.p0.g3cb11c0.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202202120107.p0.gfd2d838.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202202120107.p0.gfd2d838.assembly.stream"
},
"product_reference": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202202120107.p0.gfd2d838.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream"
},
"product_reference": "openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202202120107.p0.g0e0c173.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202202120107.p0.g0e0c173.assembly.stream"
},
"product_reference": "openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202202120107.p0.g0e0c173.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202202120107.p0.g0a1737c.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202202120107.p0.g0a1737c.assembly.stream"
},
"product_reference": "openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-attacher:v4.9.0-202202120107.p0.g0a1737c.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202202120107.p0.g0a1737c.assembly.stream"
},
"product_reference": "openshift4/ose-csi-external-attacher:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-provisioner-rhel8:v4.9.0-202202120107.p0.g7736e72.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-external-provisioner-rhel8:v4.9.0-202202120107.p0.g7736e72.assembly.stream"
},
"product_reference": "openshift4/ose-csi-external-provisioner-rhel8:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-provisioner:v4.9.0-202202120107.p0.g7736e72.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-external-provisioner:v4.9.0-202202120107.p0.g7736e72.assembly.stream"
},
"product_reference": "openshift4/ose-csi-external-provisioner:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202202120107.p0.gdad46d0.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202202120107.p0.gdad46d0.assembly.stream"
},
"product_reference": "openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-resizer:v4.9.0-202202120107.p0.gdad46d0.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202202120107.p0.gdad46d0.assembly.stream"
},
"product_reference": "openshift4/ose-csi-external-resizer:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream"
},
"product_reference": "openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-snapshotter:v4.9.0-202202120107.p0.g52ab893.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202202120107.p0.g52ab893.assembly.stream"
},
"product_reference": "openshift4/ose-csi-external-snapshotter:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-livenessprobe-rhel8:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-livenessprobe-rhel8:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream"
},
"product_reference": "openshift4/ose-csi-livenessprobe-rhel8:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-livenessprobe:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-livenessprobe:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream"
},
"product_reference": "openshift4/ose-csi-livenessprobe:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.9.0-202202120107.p0.g3e02b07.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-node-driver-registrar-rhel8:v4.9.0-202202120107.p0.g3e02b07.assembly.stream"
},
"product_reference": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-node-driver-registrar:v4.9.0-202202120107.p0.g3e02b07.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-node-driver-registrar:v4.9.0-202202120107.p0.g3e02b07.assembly.stream"
},
"product_reference": "openshift4/ose-csi-node-driver-registrar:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream"
},
"product_reference": "openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-snapshot-controller:v4.9.0-202202120107.p0.g52ab893.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202202120107.p0.g52ab893.assembly.stream"
},
"product_reference": "openshift4/ose-csi-snapshot-controller:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream"
},
"product_reference": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-deployer:v4.9.0-202202140924.p0.g340e212.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202202140924.p0.g340e212.assembly.stream"
},
"product_reference": "openshift4/ose-deployer:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-docker-builder:v4.9.0-202202120107.p0.g7e2e890.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202202120107.p0.g7e2e890.assembly.stream"
},
"product_reference": "openshift4/ose-docker-builder:v4.9.0-202202120107.p0.g7e2e890.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-docker-registry:v4.9.0-202202131427.p0.gab2eaa5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202202131427.p0.gab2eaa5.assembly.stream"
},
"product_reference": "openshift4/ose-docker-registry:v4.9.0-202202131427.p0.gab2eaa5.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-etcd:v4.9.0-202202120107.p0.gf99cada.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202202120107.p0.gf99cada.assembly.stream"
},
"product_reference": "openshift4/ose-etcd:v4.9.0-202202120107.p0.gf99cada.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202202120107.p0.gd92b088.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202202120107.p0.gd92b088.assembly.stream"
},
"product_reference": "openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202202120107.p0.gd92b088.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.gd8a891d.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.gd8a891d.assembly.stream"
},
"product_reference": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.gd8a891d.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202202120107.p0.g48d49f7.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202202120107.p0.g48d49f7.assembly.stream"
},
"product_reference": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202202120107.p0.g48d49f7.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-grafana:v4.9.0-202202120107.p0.g6130ba8.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202202120107.p0.g6130ba8.assembly.stream"
},
"product_reference": "openshift4/ose-grafana:v4.9.0-202202120107.p0.g6130ba8.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-haproxy-router:v4.9.0-202202120107.p0.g2d1e1f4.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202202120107.p0.g2d1e1f4.assembly.stream"
},
"product_reference": "openshift4/ose-haproxy-router:v4.9.0-202202120107.p0.g2d1e1f4.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hyperkube:v4.9.0-202202120107.p0.gb93fd35.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202202120107.p0.gb93fd35.assembly.stream"
},
"product_reference": "openshift4/ose-hyperkube:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-insights-rhel8-operator:v4.9.0-202202120107.p0.g3f1401a.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202202120107.p0.g3f1401a.assembly.stream"
},
"product_reference": "openshift4/ose-insights-rhel8-operator:v4.9.0-202202120107.p0.g3f1401a.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer-artifacts:v4.9.0-202202120417.p0.ge9a66d5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202202120417.p0.ge9a66d5.assembly.stream"
},
"product_reference": "openshift4/ose-installer-artifacts:v4.9.0-202202120417.p0.ge9a66d5.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream"
},
"product_reference": "openshift4/ose-installer:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202202120107.p0.g90b5722.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202202120107.p0.g90b5722.assembly.stream"
},
"product_reference": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202202120107.p0.g90b5722.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-base:v4.9.0-202202140924.p0.gaf84740.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202202140924.p0.gaf84740.assembly.stream"
},
"product_reference": "openshift4/ose-jenkins-agent-base:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-maven:v4.9.0-202202140924.p0.gaf84740.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202202140924.p0.gaf84740.assembly.stream"
},
"product_reference": "openshift4/ose-jenkins-agent-maven:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202202140924.p0.gaf84740.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202202140924.p0.gaf84740.assembly.stream"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins:v4.9.0-202202140924.p0.gaf84740.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202202140924.p0.gaf84740.assembly.stream"
},
"product_reference": "openshift4/ose-jenkins:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-k8s-prometheus-adapter:v4.9.0-202202120107.p0.gadfdd41.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202202120107.p0.gadfdd41.assembly.stream"
},
"product_reference": "openshift4/ose-k8s-prometheus-adapter:v4.9.0-202202120107.p0.gadfdd41.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kube-proxy:v4.9.0-202202120107.p0.gecd60f9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202202120107.p0.gecd60f9.assembly.stream"
},
"product_reference": "openshift4/ose-kube-proxy:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kube-rbac-proxy:v4.9.0-202202120107.p0.g58e0929.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-kube-rbac-proxy:v4.9.0-202202120107.p0.g58e0929.assembly.stream"
},
"product_reference": "openshift4/ose-kube-rbac-proxy:v4.9.0-202202120107.p0.g58e0929.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kube-state-metrics:v4.9.0-202202120107.p0.g6e41dbd.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202202120107.p0.g6e41dbd.assembly.stream"
},
"product_reference": "openshift4/ose-kube-state-metrics:v4.9.0-202202120107.p0.g6e41dbd.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202202120107.p0.g901a6d2.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202202120107.p0.g901a6d2.assembly.stream"
},
"product_reference": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202202120107.p0.g901a6d2.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kuryr-cni-rhel8:v4.9.0-202202120107.p0.g1e8c94f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202202120107.p0.g1e8c94f.assembly.stream"
},
"product_reference": "openshift4/ose-kuryr-cni-rhel8:v4.9.0-202202120107.p0.g1e8c94f.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-libvirt-machine-controllers:v4.9.0-202202120107.p0.g59ae2ed.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202202120107.p0.g59ae2ed.assembly.stream"
},
"product_reference": "openshift4/ose-libvirt-machine-controllers:v4.9.0-202202120107.p0.g59ae2ed.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-api-operator:v4.9.0-202202120107.p0.g383c9b9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202202120107.p0.g383c9b9.assembly.stream"
},
"product_reference": "openshift4/ose-machine-api-operator:v4.9.0-202202120107.p0.g383c9b9.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-config-operator:v4.9.0-202202150825.p0.gd84a7f9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202202150825.p0.gd84a7f9.assembly.stream"
},
"product_reference": "openshift4/ose-machine-config-operator:v4.9.0-202202150825.p0.gd84a7f9.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-mdns-publisher-rhel8:v4.9.0-202202120107.p0.g266597b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202202120107.p0.g266597b.assembly.stream"
},
"product_reference": "openshift4/ose-mdns-publisher-rhel8:v4.9.0-202202120107.p0.g266597b.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-admission-controller:v4.9.0-202202120107.p0.g3c28a57.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202202120107.p0.g3c28a57.assembly.stream"
},
"product_reference": "openshift4/ose-multus-admission-controller:v4.9.0-202202120107.p0.g3c28a57.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202202120107.p0.gc249937.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202202120107.p0.gc249937.assembly.stream"
},
"product_reference": "openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-cni:v4.9.0-202202120107.p0.gc249937.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202202120107.p0.gc249937.assembly.stream"
},
"product_reference": "openshift4/ose-multus-cni:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202202120107.p0.gfd12fed.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202202120107.p0.gfd12fed.assembly.stream"
},
"product_reference": "openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202202120107.p0.gfd12fed.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream"
},
"product_reference": "openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream"
},
"product_reference": "openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream"
},
"product_reference": "openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream"
},
"product_reference": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-must-gather:v4.9.0-202202141138.p0.gb181f1f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202202141138.p0.gb181f1f.assembly.stream"
},
"product_reference": "openshift4/ose-must-gather:v4.9.0-202202141138.p0.gb181f1f.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202202120107.p0.g9fd6103.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202202120107.p0.g9fd6103.assembly.stream"
},
"product_reference": "openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202202120107.p0.g9fd6103.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202202120107.p0.g8b203f9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202202120107.p0.g8b203f9.assembly.stream"
},
"product_reference": "openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202202120107.p0.g8b203f9.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-oauth-proxy:v4.9.0-202202120107.p0.g9ea1ebc.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202202120107.p0.g9ea1ebc.assembly.stream"
},
"product_reference": "openshift4/ose-oauth-proxy:v4.9.0-202202120107.p0.g9ea1ebc.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-oauth-server-rhel8:v4.9.0-202202120107.p0.g1ee9925.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202202120107.p0.g1ee9925.assembly.stream"
},
"product_reference": "openshift4/ose-oauth-server-rhel8:v4.9.0-202202120107.p0.g1ee9925.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202202161322.p0.gfe6dc77.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202202161322.p0.gfe6dc77.assembly.stream"
},
"product_reference": "openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202202161322.p0.gfe6dc77.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202202120107.p0.g79857a3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202202120107.p0.g79857a3.assembly.stream"
},
"product_reference": "openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202202120107.p0.g79857a3.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202202120107.p0.g689af8b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202202120107.p0.g689af8b.assembly.stream"
},
"product_reference": "openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202202120107.p0.g689af8b.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g56efc78.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g56efc78.assembly.stream"
},
"product_reference": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g56efc78.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream"
},
"product_reference": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream"
},
"product_reference": "openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openstack-machine-controllers:v4.9.0-202202120107.p0.ga7442bb.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202202120107.p0.ga7442bb.assembly.stream"
},
"product_reference": "openshift4/ose-openstack-machine-controllers:v4.9.0-202202120107.p0.ga7442bb.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-lifecycle-manager:v4.9.0-202202120107.p0.g3cd421d.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202202120107.p0.g3cd421d.assembly.stream"
},
"product_reference": "openshift4/ose-operator-lifecycle-manager:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-marketplace:v4.9.0-202202120107.p0.g8594727.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202202120107.p0.g8594727.assembly.stream"
},
"product_reference": "openshift4/ose-operator-marketplace:v4.9.0-202202120107.p0.g8594727.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-registry:v4.9.0-202202120107.p0.g3cd421d.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202202120107.p0.g3cd421d.assembly.stream"
},
"product_reference": "openshift4/ose-operator-registry:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202202120107.p0.g15a6add.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202202120107.p0.g15a6add.assembly.stream"
},
"product_reference": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202202120107.p0.g15a6add.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes:v4.9.0-202202140924.p0.gce028c9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202202140924.p0.gce028c9.assembly.stream"
},
"product_reference": "openshift4/ose-ovn-kubernetes:v4.9.0-202202140924.p0.gce028c9.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-pod:v4.9.0-202202120107.p0.gb93fd35.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202202120107.p0.gb93fd35.assembly.stream"
},
"product_reference": "openshift4/ose-pod:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prom-label-proxy:v4.9.0-202202120107.p0.g9f870bf.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202202120107.p0.g9f870bf.assembly.stream"
},
"product_reference": "openshift4/ose-prom-label-proxy:v4.9.0-202202120107.p0.g9f870bf.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus-alertmanager:v4.9.0-202202120107.p0.g579e3c6.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202202120107.p0.g579e3c6.assembly.stream"
},
"product_reference": "openshift4/ose-prometheus-alertmanager:v4.9.0-202202120107.p0.g579e3c6.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus-config-reloader:v4.9.0-202202120107.p0.g0869335.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202202120107.p0.g0869335.assembly.stream"
},
"product_reference": "openshift4/ose-prometheus-config-reloader:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus-node-exporter:v4.9.0-202202120107.p0.g1ab97f3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202202120107.p0.g1ab97f3.assembly.stream"
},
"product_reference": "openshift4/ose-prometheus-node-exporter:v4.9.0-202202120107.p0.g1ab97f3.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus-operator:v4.9.0-202202120107.p0.g0869335.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202202120107.p0.g0869335.assembly.stream"
},
"product_reference": "openshift4/ose-prometheus-operator:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus:v4.9.0-202202120107.p0.g3197fa7.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202202120107.p0.g3197fa7.assembly.stream"
},
"product_reference": "openshift4/ose-prometheus:v4.9.0-202202120107.p0.g3197fa7.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sdn-rhel8:v4.9.0-202202120107.p0.gecd60f9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202202120107.p0.gecd60f9.assembly.stream"
},
"product_reference": "openshift4/ose-sdn-rhel8:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-ca-operator:v4.9.0-202202120107.p0.gab44f58.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202202120107.p0.gab44f58.assembly.stream"
},
"product_reference": "openshift4/ose-service-ca-operator:v4.9.0-202202120107.p0.gab44f58.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-telemeter:v4.9.0-202202120107.p0.g03842e0.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202202120107.p0.g03842e0.assembly.stream"
},
"product_reference": "openshift4/ose-telemeter:v4.9.0-202202120107.p0.g03842e0.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests:v4.9.0-202202140924.p0.g932d502.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202202140924.p0.g932d502.assembly.stream"
},
"product_reference": "openshift4/ose-tests:v4.9.0-202202140924.p0.g932d502.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-thanos-rhel8:v4.9.0-202202120107.p0.ge0fa82c.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202202120107.p0.ge0fa82c.assembly.stream"
},
"product_reference": "openshift4/ose-thanos-rhel8:v4.9.0-202202120107.p0.ge0fa82c.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tools-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream"
},
"product_reference": "openshift4/ose-tools-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream"
},
"product_reference": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream"
},
"product_reference": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream"
},
"product_reference": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream"
},
"product_reference": "openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream"
},
"product_reference": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202202120107.p0.gde8606f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202202120107.p0.gde8606f.assembly.stream"
},
"product_reference": "openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202202120107.p0.gde8606f.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g9302429.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g9302429.assembly.stream"
},
"product_reference": "openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g9302429.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ovirt-csi-driver-rhel8:v4.9.0-202202120107.p0.gfe2a7fd.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202202120107.p0.gfe2a7fd.assembly.stream"
},
"product_reference": "openshift4/ovirt-csi-driver-rhel8:v4.9.0-202202120107.p0.gfe2a7fd.assembly.stream",
"relates_to_product_reference": "8Base-RHOSE-4.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202202120107.p0.g2d1e1f4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202202140924.p0.ged0b846.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.g18d82a6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.ge8e2cb3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202202120107.p0.g26f1b6f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202202120107.p0.g8226e86.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202202120107.p0.g37a1328.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g15e474c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202202120107.p0.gade7373.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202202120107.p0.g3bf2b7f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202202120107.p0.g1c81cab.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202202120107.p0.g6e62a54.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202202152352.p0.g5113d1b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202202120107.p0.gd642d11.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202202120107.p0.g1d05f80.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202202120107.p0.gbc20153.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202202120107.p0.g68fe93a.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202202120107.p0.g10af6a9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202202120107.p0.g7e074a7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202202120107.p0.g1826b16.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202202120107.p0.g184a513.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202202120107.p0.gc750d4b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202202120107.p0.geedd0dc.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202202120107.p0.g19c4e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202202120107.p0.gd886c13.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202202120107.p0.g07c25a6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202202120107.p0.ga895470.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202202120107.p0.g78b8e48.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202202120107.p0.g5694bdd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202202120107.p0.g7245b0f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202202120107.p0.g993ec9f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202202120107.p0.gae7b0a3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202202152352.p0.g4d93655.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202202120107.p0.gce0b3ae.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202202120107.p0.gd293c31.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202202120107.p0.g3015cb8.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202202120107.p0.g8fbffaf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202202120107.p0.g9b0a9d7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202202120107.p0.g2e76e02.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202202120107.p0.gf2551e5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202202120107.p0.gb84b5bf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202202120107.p0.gfdcb82f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202202151621.p0.gc60ddb0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202202120107.p0.g3cb11c0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202202120107.p0.gfd2d838.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202202120107.p0.g0e0c173.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-provisioner-rhel8:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-provisioner:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-livenessprobe-rhel8:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-livenessprobe:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-node-driver-registrar-rhel8:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-node-driver-registrar:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202202120107.p0.g7e2e890.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202202131427.p0.gab2eaa5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202202120107.p0.gf99cada.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202202120107.p0.gd92b088.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.gd8a891d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202202120107.p0.g48d49f7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202202120107.p0.g6130ba8.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202202120107.p0.g3f1401a.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202202120417.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202202120107.p0.g90b5722.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202202120107.p0.gadfdd41.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-rbac-proxy:v4.9.0-202202120107.p0.g58e0929.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202202120107.p0.g6e41dbd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202202120107.p0.g901a6d2.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202202120107.p0.g1e8c94f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202202120107.p0.g59ae2ed.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202202120107.p0.g383c9b9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202202150825.p0.gd84a7f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202202120107.p0.g266597b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202202120107.p0.g3c28a57.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202202120107.p0.gfd12fed.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202202141138.p0.gb181f1f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202202120107.p0.g9fd6103.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202202120107.p0.g8b203f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202202120107.p0.g9ea1ebc.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202202120107.p0.g1ee9925.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202202161322.p0.gfe6dc77.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202202120107.p0.g79857a3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202202120107.p0.g689af8b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g56efc78.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202202120107.p0.ga7442bb.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202202120107.p0.g8594727.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202202120107.p0.g15a6add.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202202140924.p0.gce028c9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202202120107.p0.g9f870bf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202202120107.p0.g579e3c6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202202120107.p0.g1ab97f3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202202120107.p0.g3197fa7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202202120107.p0.gab44f58.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202202120107.p0.g03842e0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202202140924.p0.g932d502.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202202120107.p0.ge0fa82c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202202120107.p0.gde8606f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g9302429.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202202120107.p0.gfe2a7fd.assembly.stream"
],
"known_not_affected": [
"8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202202120107.p0.g2d1e1f4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
},
{
"category": "external",
"summary": "CVE-2021-29923",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "bz#1992006: CVE-2021-29923 golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
}
],
"release_date": "2021-03-22T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202202140924.p0.ged0b846.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.g18d82a6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.ge8e2cb3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202202120107.p0.g26f1b6f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202202120107.p0.g8226e86.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202202120107.p0.g37a1328.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g15e474c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202202120107.p0.gade7373.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202202120107.p0.g3bf2b7f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202202120107.p0.g1c81cab.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202202120107.p0.g6e62a54.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202202152352.p0.g5113d1b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202202120107.p0.gd642d11.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202202120107.p0.g1d05f80.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202202120107.p0.gbc20153.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202202120107.p0.g68fe93a.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202202120107.p0.g10af6a9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202202120107.p0.g7e074a7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202202120107.p0.g1826b16.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202202120107.p0.g184a513.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202202120107.p0.gc750d4b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202202120107.p0.geedd0dc.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202202120107.p0.g19c4e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202202120107.p0.gd886c13.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202202120107.p0.g07c25a6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202202120107.p0.ga895470.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202202120107.p0.g78b8e48.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202202120107.p0.g5694bdd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202202120107.p0.g7245b0f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202202120107.p0.g993ec9f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202202120107.p0.gae7b0a3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202202152352.p0.g4d93655.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202202120107.p0.gce0b3ae.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202202120107.p0.gd293c31.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202202120107.p0.g3015cb8.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202202120107.p0.g8fbffaf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202202120107.p0.g9b0a9d7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202202120107.p0.g2e76e02.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202202120107.p0.gf2551e5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202202120107.p0.gb84b5bf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202202120107.p0.gfdcb82f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202202151621.p0.gc60ddb0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202202120107.p0.g3cb11c0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202202120107.p0.gfd2d838.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202202120107.p0.g0e0c173.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-provisioner-rhel8:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-provisioner:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-livenessprobe-rhel8:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-livenessprobe:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-node-driver-registrar-rhel8:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-node-driver-registrar:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202202120107.p0.g7e2e890.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202202131427.p0.gab2eaa5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202202120107.p0.gf99cada.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202202120107.p0.gd92b088.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.gd8a891d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202202120107.p0.g48d49f7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202202120107.p0.g6130ba8.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202202120107.p0.g3f1401a.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202202120417.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202202120107.p0.g90b5722.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202202120107.p0.gadfdd41.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-rbac-proxy:v4.9.0-202202120107.p0.g58e0929.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202202120107.p0.g6e41dbd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202202120107.p0.g901a6d2.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202202120107.p0.g1e8c94f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202202120107.p0.g59ae2ed.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202202120107.p0.g383c9b9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202202150825.p0.gd84a7f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202202120107.p0.g266597b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202202120107.p0.g3c28a57.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202202120107.p0.gfd12fed.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202202141138.p0.gb181f1f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202202120107.p0.g9fd6103.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202202120107.p0.g8b203f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202202120107.p0.g9ea1ebc.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202202120107.p0.g1ee9925.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202202161322.p0.gfe6dc77.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202202120107.p0.g79857a3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202202120107.p0.g689af8b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g56efc78.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202202120107.p0.ga7442bb.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202202120107.p0.g8594727.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202202120107.p0.g15a6add.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202202140924.p0.gce028c9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202202120107.p0.g9f870bf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202202120107.p0.g579e3c6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202202120107.p0.g1ab97f3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202202120107.p0.g3197fa7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202202120107.p0.gab44f58.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202202120107.p0.g03842e0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202202140924.p0.g932d502.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202202120107.p0.ge0fa82c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202202120107.p0.gde8606f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g9302429.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202202120107.p0.gfe2a7fd.assembly.stream"
],
"url": "https://access.redhat.com/errata/RHSA-2022:0561"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202202140924.p0.ged0b846.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.g18d82a6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.ge8e2cb3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202202120107.p0.g26f1b6f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202202120107.p0.g8226e86.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202202120107.p0.g37a1328.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g15e474c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202202120107.p0.gade7373.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202202120107.p0.g3bf2b7f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202202120107.p0.g1c81cab.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202202120107.p0.g6e62a54.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202202152352.p0.g5113d1b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202202120107.p0.gd642d11.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202202120107.p0.g1d05f80.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202202120107.p0.gbc20153.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202202120107.p0.g68fe93a.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202202120107.p0.g10af6a9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202202120107.p0.g7e074a7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202202120107.p0.g1826b16.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202202120107.p0.g184a513.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202202120107.p0.gc750d4b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202202120107.p0.geedd0dc.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202202120107.p0.g19c4e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202202120107.p0.gd886c13.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202202120107.p0.g07c25a6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202202120107.p0.ga895470.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202202120107.p0.g78b8e48.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202202120107.p0.g5694bdd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202202120107.p0.g7245b0f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202202120107.p0.g993ec9f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202202120107.p0.gae7b0a3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202202152352.p0.g4d93655.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202202120107.p0.gce0b3ae.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202202120107.p0.gd293c31.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202202120107.p0.g3015cb8.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202202120107.p0.g8fbffaf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202202120107.p0.g9b0a9d7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202202120107.p0.g2e76e02.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202202120107.p0.gf2551e5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202202120107.p0.gb84b5bf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202202120107.p0.gfdcb82f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202202151621.p0.gc60ddb0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202202120107.p0.g3cb11c0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202202120107.p0.gfd2d838.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202202120107.p0.g0e0c173.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-provisioner-rhel8:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-provisioner:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-livenessprobe-rhel8:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-livenessprobe:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-node-driver-registrar-rhel8:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-node-driver-registrar:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202202120107.p0.g7e2e890.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202202131427.p0.gab2eaa5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202202120107.p0.gf99cada.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202202120107.p0.gd92b088.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.gd8a891d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202202120107.p0.g48d49f7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202202120107.p0.g6130ba8.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202202120107.p0.g3f1401a.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202202120417.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202202120107.p0.g90b5722.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202202120107.p0.gadfdd41.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-rbac-proxy:v4.9.0-202202120107.p0.g58e0929.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202202120107.p0.g6e41dbd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202202120107.p0.g901a6d2.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202202120107.p0.g1e8c94f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202202120107.p0.g59ae2ed.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202202120107.p0.g383c9b9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202202150825.p0.gd84a7f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202202120107.p0.g266597b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202202120107.p0.g3c28a57.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202202120107.p0.gfd12fed.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202202141138.p0.gb181f1f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202202120107.p0.g9fd6103.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202202120107.p0.g8b203f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202202120107.p0.g9ea1ebc.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202202120107.p0.g1ee9925.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202202161322.p0.gfe6dc77.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202202120107.p0.g79857a3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202202120107.p0.g689af8b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g56efc78.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202202120107.p0.ga7442bb.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202202120107.p0.g8594727.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202202120107.p0.g15a6add.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202202140924.p0.gce028c9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202202120107.p0.g9f870bf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202202120107.p0.g579e3c6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202202120107.p0.g1ab97f3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202202120107.p0.g3197fa7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202202120107.p0.gab44f58.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202202120107.p0.g03842e0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202202140924.p0.g932d502.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202202120107.p0.ge0fa82c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202202120107.p0.gde8606f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g9302429.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202202120107.p0.gfe2a7fd.assembly.stream"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-07T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2021-29923 golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-36221",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-08-10T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202202120107.p0.g2d1e1f4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A race condition flaw was found in Go. The incoming requests body weren\u0027t closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202202140924.p0.ged0b846.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.g18d82a6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.ge8e2cb3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202202120107.p0.g26f1b6f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202202120107.p0.g8226e86.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202202120107.p0.g37a1328.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g15e474c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202202120107.p0.gade7373.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202202120107.p0.g3bf2b7f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202202120107.p0.g1c81cab.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202202120107.p0.g6e62a54.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202202152352.p0.g5113d1b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202202120107.p0.gd642d11.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202202120107.p0.g1d05f80.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202202120107.p0.gbc20153.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202202120107.p0.g68fe93a.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202202120107.p0.g10af6a9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202202120107.p0.g7e074a7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202202120107.p0.g1826b16.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202202120107.p0.g184a513.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202202120107.p0.gc750d4b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202202120107.p0.geedd0dc.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202202120107.p0.g19c4e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202202120107.p0.gd886c13.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202202120107.p0.g07c25a6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202202120107.p0.ga895470.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202202120107.p0.g78b8e48.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202202120107.p0.g5694bdd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202202120107.p0.g7245b0f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202202120107.p0.g993ec9f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202202120107.p0.gae7b0a3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202202152352.p0.g4d93655.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202202120107.p0.gce0b3ae.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202202120107.p0.gd293c31.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202202120107.p0.g3015cb8.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202202120107.p0.g8fbffaf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202202120107.p0.g9b0a9d7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202202120107.p0.g2e76e02.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202202120107.p0.gf2551e5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202202120107.p0.gb84b5bf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202202120107.p0.gfdcb82f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202202151621.p0.gc60ddb0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202202120107.p0.g3cb11c0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202202120107.p0.gfd2d838.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202202120107.p0.g0e0c173.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-provisioner-rhel8:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-provisioner:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-livenessprobe-rhel8:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-livenessprobe:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-node-driver-registrar-rhel8:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-node-driver-registrar:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202202120107.p0.g7e2e890.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202202131427.p0.gab2eaa5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202202120107.p0.gf99cada.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202202120107.p0.gd92b088.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.gd8a891d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202202120107.p0.g48d49f7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202202120107.p0.g6130ba8.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202202120107.p0.g3f1401a.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202202120417.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202202120107.p0.g90b5722.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202202120107.p0.gadfdd41.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-rbac-proxy:v4.9.0-202202120107.p0.g58e0929.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202202120107.p0.g6e41dbd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202202120107.p0.g901a6d2.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202202120107.p0.g1e8c94f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202202120107.p0.g59ae2ed.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202202120107.p0.g383c9b9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202202150825.p0.gd84a7f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202202120107.p0.g266597b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202202120107.p0.g3c28a57.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202202120107.p0.gfd12fed.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202202141138.p0.gb181f1f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202202120107.p0.g9fd6103.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202202120107.p0.g8b203f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202202120107.p0.g9ea1ebc.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202202120107.p0.g1ee9925.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202202161322.p0.gfe6dc77.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202202120107.p0.g79857a3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202202120107.p0.g689af8b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g56efc78.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202202120107.p0.ga7442bb.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202202120107.p0.g8594727.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202202120107.p0.g15a6add.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202202140924.p0.gce028c9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202202120107.p0.g9f870bf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202202120107.p0.g579e3c6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202202120107.p0.g1ab97f3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202202120107.p0.g3197fa7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202202120107.p0.gab44f58.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202202120107.p0.g03842e0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202202140924.p0.g932d502.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202202120107.p0.ge0fa82c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202202120107.p0.gde8606f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g9302429.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202202120107.p0.gfe2a7fd.assembly.stream"
],
"known_not_affected": [
"8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202202120107.p0.g2d1e1f4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk",
"url": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk"
},
{
"category": "external",
"summary": "CVE-2021-36221",
"url": "https://access.redhat.com/security/cve/CVE-2021-36221"
},
{
"category": "external",
"summary": "bz#1995656: CVE-2021-36221 golang: net/http/httputil: panic due to racy read of persistConn after handler panic",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
}
],
"release_date": "2021-08-05T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202202140924.p0.ged0b846.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.g18d82a6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.ge8e2cb3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202202120107.p0.g26f1b6f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202202120107.p0.g8226e86.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202202120107.p0.g37a1328.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g15e474c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202202120107.p0.gade7373.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202202120107.p0.g3bf2b7f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202202120107.p0.g1c81cab.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202202120107.p0.g6e62a54.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202202152352.p0.g5113d1b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202202120107.p0.gd642d11.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202202120107.p0.g1d05f80.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202202120107.p0.gbc20153.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202202120107.p0.g68fe93a.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202202120107.p0.g10af6a9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202202120107.p0.g7e074a7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202202120107.p0.g1826b16.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202202120107.p0.g184a513.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202202120107.p0.gc750d4b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202202120107.p0.geedd0dc.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202202120107.p0.g19c4e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202202120107.p0.gd886c13.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202202120107.p0.g07c25a6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202202120107.p0.ga895470.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202202120107.p0.g78b8e48.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202202120107.p0.g5694bdd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202202120107.p0.g7245b0f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202202120107.p0.g993ec9f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202202120107.p0.gae7b0a3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202202152352.p0.g4d93655.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202202120107.p0.gce0b3ae.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202202120107.p0.gd293c31.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202202120107.p0.g3015cb8.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202202120107.p0.g8fbffaf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202202120107.p0.g9b0a9d7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202202120107.p0.g2e76e02.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202202120107.p0.gf2551e5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202202120107.p0.gb84b5bf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202202120107.p0.gfdcb82f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202202151621.p0.gc60ddb0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202202120107.p0.g3cb11c0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202202120107.p0.gfd2d838.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202202120107.p0.g0e0c173.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-provisioner-rhel8:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-provisioner:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-livenessprobe-rhel8:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-livenessprobe:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-node-driver-registrar-rhel8:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-node-driver-registrar:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202202120107.p0.g7e2e890.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202202131427.p0.gab2eaa5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202202120107.p0.gf99cada.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202202120107.p0.gd92b088.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.gd8a891d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202202120107.p0.g48d49f7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202202120107.p0.g6130ba8.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202202120107.p0.g3f1401a.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202202120417.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202202120107.p0.g90b5722.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202202120107.p0.gadfdd41.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-rbac-proxy:v4.9.0-202202120107.p0.g58e0929.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202202120107.p0.g6e41dbd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202202120107.p0.g901a6d2.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202202120107.p0.g1e8c94f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202202120107.p0.g59ae2ed.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202202120107.p0.g383c9b9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202202150825.p0.gd84a7f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202202120107.p0.g266597b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202202120107.p0.g3c28a57.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202202120107.p0.gfd12fed.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202202141138.p0.gb181f1f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202202120107.p0.g9fd6103.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202202120107.p0.g8b203f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202202120107.p0.g9ea1ebc.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202202120107.p0.g1ee9925.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202202161322.p0.gfe6dc77.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202202120107.p0.g79857a3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202202120107.p0.g689af8b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g56efc78.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202202120107.p0.ga7442bb.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202202120107.p0.g8594727.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202202120107.p0.g15a6add.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202202140924.p0.gce028c9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202202120107.p0.g9f870bf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202202120107.p0.g579e3c6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202202120107.p0.g1ab97f3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202202120107.p0.g3197fa7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202202120107.p0.gab44f58.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202202120107.p0.g03842e0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202202140924.p0.g932d502.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202202120107.p0.ge0fa82c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202202120107.p0.gde8606f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g9302429.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202202120107.p0.gfe2a7fd.assembly.stream"
],
"url": "https://access.redhat.com/errata/RHSA-2022:0561"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202202120107.p0.g099b756.assembly.stream",
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202202140924.p0.ged0b846.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.g18d82a6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.ge8e2cb3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202202120107.p0.g26f1b6f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202202120107.p0.g8226e86.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202202120107.p0.g37a1328.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202202120107.p0.gc02678d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g15e474c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202202120107.p0.gade7373.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202202120107.p0.g3bf2b7f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202202120107.p0.g1c81cab.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202202120107.p0.g6e62a54.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202202152352.p0.g5113d1b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202202140924.p0.g340e212.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202202120107.p0.gd642d11.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202202120107.p0.g1d05f80.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202202120107.p0.gbc20153.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202202120107.p0.g68fe93a.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202202120107.p0.g10af6a9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202202120107.p0.g7e074a7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202202120107.p0.g1826b16.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202202120107.p0.g184a513.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202202120107.p0.gc750d4b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202202120107.p0.geedd0dc.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202202120107.p0.g19c4e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202202120107.p0.gd886c13.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202202120107.p0.g07c25a6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202202120107.p0.ga895470.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202202120107.p0.g78b8e48.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202202120107.p0.g5694bdd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202202120107.p0.g7245b0f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202202120107.p0.g993ec9f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202202120107.p0.gae7b0a3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202202152352.p0.g4d93655.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202202120107.p0.gce0b3ae.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202202120107.p0.gd293c31.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202202120107.p0.g3015cb8.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202202120107.p0.g8fbffaf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202202120107.p0.g9b0a9d7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202202120107.p0.g2e76e02.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202202120107.p0.gf2551e5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202202120107.p0.gb84b5bf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202202120107.p0.gfdcb82f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202202151621.p0.gc60ddb0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202202120107.p0.g44a4913.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202202120107.p0.g3cb11c0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202202120107.p0.gfd2d838.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202202120107.p0.g0e0c173.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202202120107.p0.g0a1737c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-provisioner-rhel8:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-provisioner:v4.9.0-202202120107.p0.g7736e72.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202202120107.p0.gdad46d0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-livenessprobe-rhel8:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-livenessprobe:v4.9.0-202202120107.p0.gc13c3a5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-node-driver-registrar-rhel8:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-node-driver-registrar:v4.9.0-202202120107.p0.g3e02b07.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202202120107.p0.g52ab893.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202202120107.p0.g7e2e890.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202202131427.p0.gab2eaa5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202202120107.p0.gf99cada.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202202120107.p0.gd92b088.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.gd8a891d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202202120107.p0.g48d49f7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202202120107.p0.g6130ba8.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202202120107.p0.g3f1401a.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202202120417.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202202120107.p0.ge9a66d5.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202202120107.p0.g90b5722.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202202140924.p0.gaf84740.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202202120107.p0.gadfdd41.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-rbac-proxy:v4.9.0-202202120107.p0.g58e0929.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202202120107.p0.g6e41dbd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202202120107.p0.g901a6d2.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202202120107.p0.g1e8c94f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202202120107.p0.g59ae2ed.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202202120107.p0.g383c9b9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202202150825.p0.gd84a7f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202202120107.p0.g266597b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202202120107.p0.g3c28a57.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202202120107.p0.gc249937.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202202120107.p0.gfd12fed.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202202120107.p0.g707dd38.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202202120107.p0.g43552df.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202202141138.p0.gb181f1f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202202120107.p0.g9fd6103.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202202120107.p0.g8b203f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202202120107.p0.g9ea1ebc.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202202120107.p0.g1ee9925.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202202161322.p0.gfe6dc77.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202202120107.p0.g79857a3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202202120107.p0.g689af8b.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g56efc78.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202202120107.p0.gddbc0e4.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202202120107.p0.ga7442bb.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202202120107.p0.g8594727.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202202120107.p0.g3cd421d.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202202120107.p0.g15a6add.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202202140924.p0.gce028c9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202202120107.p0.gb93fd35.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202202120107.p0.g9f870bf.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202202120107.p0.g579e3c6.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202202120107.p0.g1ab97f3.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202202120107.p0.g0869335.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202202120107.p0.g3197fa7.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202202120107.p0.gecd60f9.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202202120107.p0.gab44f58.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202202120107.p0.g03842e0.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202202140924.p0.g932d502.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202202120107.p0.ge0fa82c.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202202120107.p0.g9f56afd.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202202120107.p0.g4ece3d1.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202202120107.p0.gde8606f.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202202120107.p0.g9302429.assembly.stream",
"8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202202120107.p0.gfe2a7fd.assembly.stream"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-10T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2021-36221 golang: net/http/httputil: panic due to racy read of persistConn after handler panic"
}
]
}
rhsa-2021_3431
Vulnerability from csaf_redhat
Published
2021-09-07 08:38
Modified
2024-09-18 14:39
Summary
Red Hat Security Advisory: go-toolset-1.15-golang security update
Notes
Topic
An update for go-toolset-1.15-golang is now available for Red Hat Developer Tools.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* golang: net: lookup functions may return invalid host names (CVE-2021-33195)
* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for go-toolset-1.15-golang is now available for Red Hat Developer Tools.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.\n\nSecurity Fix(es):\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* golang: net: lookup functions may return invalid host names (CVE-2021-33195)\n\n* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:3431",
"url": "https://access.redhat.com/errata/RHSA-2021:3431"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1989564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989564"
},
{
"category": "external",
"summary": "1989570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989570"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_3431.json"
}
],
"title": "Red Hat Security Advisory: go-toolset-1.15-golang security update",
"tracking": {
"current_release_date": "2024-09-18T14:39:32+00:00",
"generator": {
"date": "2024-09-18T14:39:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:3431",
"initial_release_date": "2021-09-07T08:38:58+00:00",
"revision_history": [
{
"date": "2021-09-07T08:38:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-09-07T08:38:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:39:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:devtools:2021"
}
}
},
{
"category": "product_name",
"name": "Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:devtools:2021"
}
}
}
],
"category": "product_family",
"name": "Red Hat Developer Tools"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"product": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"product_id": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang@1.15.14-2.el7_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"product": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"product_id": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang@1.15.14-2.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"product": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"product_id": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-bin@1.15.14-2.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"product": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"product_id": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-misc@1.15.14-2.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"product": {
"name": "go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"product_id": "go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-race@1.15.14-2.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"product": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"product_id": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-src@1.15.14-2.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"product": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"product_id": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-tests@1.15.14-2.el7_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"product": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"product_id": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang@1.15.14-2.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"product": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"product_id": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-bin@1.15.14-2.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"product": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"product_id": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-misc@1.15.14-2.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"product": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"product_id": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-src@1.15.14-2.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"product": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"product_id": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-tests@1.15.14-2.el7_9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"product_id": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang@1.15.14-2.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"product_id": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-bin@1.15.14-2.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"product_id": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-misc@1.15.14-2.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"product_id": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-src@1.15.14-2.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"product_id": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-tests@1.15.14-2.el7_9?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"product": {
"name": "go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"product_id": "go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-docs@1.15.14-2.el7_9?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.src as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src"
},
"product_reference": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch"
},
"product_reference": "go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.src as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src"
},
"product_reference": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch"
},
"product_reference": "go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3431"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-33195",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1989564"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go. The LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in the net package and methods on the Resolver type, may return arbitrary values retrieved from DNS, allowing injection of unexpected contents. The highest threat from this vulnerability is to integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: lookup functions may return invalid host names",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* For Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the golang-qpid-apache package.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33195"
},
{
"category": "external",
"summary": "RHBZ#1989564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989564"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33195",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33195"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33195",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33195"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
"url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
}
],
"release_date": "2021-05-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3431"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: lookup functions may return invalid host names"
},
{
"cve": "CVE-2021-33197",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1989570"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go, acting as an unintended proxy or intermediary, where ReverseProxy forwards connection headers if the first one was empty. This flaw allows an attacker to drop arbitrary headers. The highest threat from this vulnerability is to integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* For Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the golang-qpid-apache package.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33197"
},
{
"category": "external",
"summary": "RHBZ#1989570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33197"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
"url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
}
],
"release_date": "2021-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3431"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty"
}
]
}
rhsa-2021_3585
Vulnerability from csaf_redhat
Published
2021-09-21 10:07
Modified
2024-09-18 14:39
Summary
Red Hat Security Advisory: go-toolset:rhel8 security update
Notes
Topic
An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nSecurity Fix(es):\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:3585",
"url": "https://access.redhat.com/errata/RHSA-2021:3585"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_developer_tools/1/html/using_go_1.15.7_toolset",
"url": "https://access.redhat.com/documentation/en-us/red_hat_developer_tools/1/html/using_go_1.15.7_toolset"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_3585.json"
}
],
"title": "Red Hat Security Advisory: go-toolset:rhel8 security update",
"tracking": {
"current_release_date": "2024-09-18T14:39:36+00:00",
"generator": {
"date": "2024-09-18T14:39:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:3585",
"initial_release_date": "2021-09-21T10:07:10+00:00",
"revision_history": [
{
"date": "2021-09-21T10:07:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-09-21T10:07:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:39:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset:rhel8:8040020210909125047:5081a262",
"product": {
"name": "go-toolset:rhel8:8040020210909125047:5081a262",
"product_id": "go-toolset:rhel8:8040020210909125047:5081a262",
"product_identification_helper": {
"purl": "pkg:rpmmod/redhat/go-toolset@rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"product": {
"name": "golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"product_id": "golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"product": {
"name": "golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"product_id": "golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"product": {
"name": "golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"product_id": "golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"product": {
"name": "golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"product_id": "golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"product": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"product_id": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"product": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"product_id": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"product": {
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"product_id": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src",
"product": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src",
"product_id": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src",
"product": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src",
"product_id": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=src"
}
}
},
{
"category": "product_version",
"name": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src",
"product": {
"name": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src",
"product_id": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.5.0-2.module%2Bel8.4.0%2B8864%2B58b0fcdb?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"product": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"product_id": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"product": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"product_id": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"product": {
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"product_id": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"product": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"product_id": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"product": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"product_id": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"product": {
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"product_id": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"product": {
"name": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"product_id": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.5.0-2.module%2Bel8.4.0%2B8864%2B58b0fcdb?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"product": {
"name": "delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"product_id": "delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.5.0-2.module%2Bel8.4.0%2B8864%2B58b0fcdb?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"product": {
"name": "delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"product_id": "delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.5.0-2.module%2Bel8.4.0%2B8864%2B58b0fcdb?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"product": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"product_id": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"product": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"product_id": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"product": {
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"product_id": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"product": {
"name": "golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"product_id": "golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
"product_reference": "go-toolset:rhel8:8040020210909125047:5081a262",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src"
},
"product_reference": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64 as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64"
},
"product_reference": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64 as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64"
},
"product_reference": "delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64 as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64"
},
"product_reference": "delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64 as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64"
},
"product_reference": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le"
},
"product_reference": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x"
},
"product_reference": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src"
},
"product_reference": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64 as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64"
},
"product_reference": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64 as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64"
},
"product_reference": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le"
},
"product_reference": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x"
},
"product_reference": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src"
},
"product_reference": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64 as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64"
},
"product_reference": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64 as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64"
},
"product_reference": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le"
},
"product_reference": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x"
},
"product_reference": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64 as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64"
},
"product_reference": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch"
},
"product_reference": "golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch"
},
"product_reference": "golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64 as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64"
},
"product_reference": "golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch"
},
"product_reference": "golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch as a component of go-toolset:rhel8:8040020210909125047:5081a262 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch"
},
"product_reference": "golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3585"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset:rhel8:8040020210909125047:5081a262:golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
}
]
}
rhsa-2021_4722
Vulnerability from csaf_redhat
Published
2021-11-17 15:38
Modified
2024-09-18 14:39
Summary
Red Hat Security Advisory: OpenShift Virtualization 2.6.8 RPMs security and bug fix update
Notes
Topic
Red Hat OpenShift Virtualization release 2.6.8 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains OpenShift Virtualization 2.6.8 RPMs.
Security Fix(es):
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release 2.6.8 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform. \n\nThis advisory contains OpenShift Virtualization 2.6.8 RPMs.\n\nSecurity Fix(es):\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:4722",
"url": "https://access.redhat.com/errata/RHSA-2021:4722"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "2012329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2012329"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_4722.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization 2.6.8 RPMs security and bug fix update",
"tracking": {
"current_release_date": "2024-09-18T14:39:44+00:00",
"generator": {
"date": "2024-09-18T14:39:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:4722",
"initial_release_date": "2021-11-17T15:38:20+00:00",
"revision_history": [
{
"date": "2021-11-17T15:38:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-11-17T15:38:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:39:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 2.6 for RHEL 8",
"product": {
"name": "CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:2.6::el8"
}
}
},
{
"category": "product_name",
"name": "CNV 2.6 for RHEL 7",
"product": {
"name": "CNV 2.6 for RHEL 7",
"product_id": "7Server-CNV-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:2.6::el7"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "kubevirt-0:2.6.8-211.el8.src",
"product": {
"name": "kubevirt-0:2.6.8-211.el8.src",
"product_id": "kubevirt-0:2.6.8-211.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt@2.6.8-211.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "kubevirt-0:2.6.8-211.el7.src",
"product": {
"name": "kubevirt-0:2.6.8-211.el7.src",
"product_id": "kubevirt-0:2.6.8-211.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt@2.6.8-211.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"product": {
"name": "kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"product_id": "kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt-virtctl@2.6.8-211.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64",
"product": {
"name": "kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64",
"product_id": "kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt-virtctl-redistributable@2.6.8-211.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"product": {
"name": "kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"product_id": "kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt-virtctl@2.6.8-211.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"product": {
"name": "kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"product_id": "kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt-virtctl-redistributable@2.6.8-211.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-0:2.6.8-211.el7.src as a component of CNV 2.6 for RHEL 7",
"product_id": "7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src"
},
"product_reference": "kubevirt-0:2.6.8-211.el7.src",
"relates_to_product_reference": "7Server-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-0:2.6.8-211.el7.x86_64 as a component of CNV 2.6 for RHEL 7",
"product_id": "7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64"
},
"product_reference": "kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"relates_to_product_reference": "7Server-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64 as a component of CNV 2.6 for RHEL 7",
"product_id": "7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64"
},
"product_reference": "kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"relates_to_product_reference": "7Server-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-0:2.6.8-211.el8.src as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src"
},
"product_reference": "kubevirt-0:2.6.8-211.el8.src",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-0:2.6.8-211.el8.x86_64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64"
},
"product_reference": "kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
},
"product_reference": "kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64",
"relates_to_product_reference": "8Base-CNV-2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src",
"7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src",
"8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src",
"7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src",
"8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4722"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src",
"7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src",
"8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src",
"7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src",
"8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-34558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1983596"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate\u0027s private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0\u20131.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This vulnerability potentially affects any component written in Go that uses crypto/tls from the standard library. It is possible for components that make client connections to malicious servers to be exploited, however the maximum impact is a crash. This vulnerability is rated Low for the following components: \n - OpenShift Container Platform\n - OpenShift distributed tracing (formerly OpenShift Jaeger)\n - OpenShift Migration Toolkit for Containers\n - Red Hat Advanced Cluster Management for Kubernetes\n - Red Hat OpenShift on AWS\n - Red Hat OpenShift Virtualization\n\n* Because OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src",
"7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src",
"8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34558"
},
{
"category": "external",
"summary": "RHBZ#1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.15.minor",
"url": "https://golang.org/doc/devel/release#go1.15.minor"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.16.minor",
"url": "https://golang.org/doc/devel/release#go1.16.minor"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src",
"7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src",
"8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4722"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src",
"7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src",
"8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src",
"7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src",
"8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic"
}
]
}
rhsa-2022_0432
Vulnerability from csaf_redhat
Published
2022-02-03 16:10
Modified
2024-09-18 14:39
Summary
Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.20.0
Notes
Topic
Release of OpenShift Serverless Client kn 1.20.0
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Serverless Client kn 1.20.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.20.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms.
Security Fix(es):
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* golang: Command-line arguments may overwrite global data (CVE-2021-38297)
* golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Release of OpenShift Serverless Client kn 1.20.0\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Serverless Client kn 1.20.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.20.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms.\n\nSecurity Fix(es):\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* golang: Command-line arguments may overwrite global data (CVE-2021-38297)\n\n* golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0432",
"url": "https://access.redhat.com/errata/RHSA-2022:0432"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index",
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index",
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index",
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index",
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "2006044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006044"
},
{
"category": "external",
"summary": "2012887",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2012887"
},
{
"category": "external",
"summary": "2024823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024823"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0432.json"
}
],
"title": "Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.20.0",
"tracking": {
"current_release_date": "2024-09-18T14:39:41+00:00",
"generator": {
"date": "2024-09-18T14:39:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0432",
"initial_release_date": "2022-02-03T16:10:33+00:00",
"revision_history": [
{
"date": "2022-02-03T16:10:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-03T16:10:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:39:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Serverless 1.0",
"product": {
"name": "Red Hat OpenShift Serverless 1.0",
"product_id": "8Base-Openshift-Serverless-1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:serverless:1.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Serverless"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-clients-0:0.26.0-2.el8.src",
"product": {
"name": "openshift-serverless-clients-0:0.26.0-2.el8.src",
"product_id": "openshift-serverless-clients-0:0.26.0-2.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-serverless-clients@0.26.0-2.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-clients-0:0.26.0-2.el8.x86_64",
"product": {
"name": "openshift-serverless-clients-0:0.26.0-2.el8.x86_64",
"product_id": "openshift-serverless-clients-0:0.26.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-serverless-clients@0.26.0-2.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-clients-0:0.26.0-2.el8.ppc64le",
"product": {
"name": "openshift-serverless-clients-0:0.26.0-2.el8.ppc64le",
"product_id": "openshift-serverless-clients-0:0.26.0-2.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-serverless-clients@0.26.0-2.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-clients-0:0.26.0-2.el8.s390x",
"product": {
"name": "openshift-serverless-clients-0:0.26.0-2.el8.s390x",
"product_id": "openshift-serverless-clients-0:0.26.0-2.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-serverless-clients@0.26.0-2.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-clients-0:0.26.0-2.el8.ppc64le as a component of Red Hat OpenShift Serverless 1.0",
"product_id": "8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.ppc64le"
},
"product_reference": "openshift-serverless-clients-0:0.26.0-2.el8.ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-clients-0:0.26.0-2.el8.s390x as a component of Red Hat OpenShift Serverless 1.0",
"product_id": "8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.s390x"
},
"product_reference": "openshift-serverless-clients-0:0.26.0-2.el8.s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-clients-0:0.26.0-2.el8.src as a component of Red Hat OpenShift Serverless 1.0",
"product_id": "8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.src"
},
"product_reference": "openshift-serverless-clients-0:0.26.0-2.el8.src",
"relates_to_product_reference": "8Base-Openshift-Serverless-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-clients-0:0.26.0-2.el8.x86_64 as a component of Red Hat OpenShift Serverless 1.0",
"product_id": "8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.x86_64"
},
"product_reference": "openshift-serverless-clients-0:0.26.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.ppc64le",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.s390x",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.src",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "See the Red Hat OpenShift Container Platform 4.6 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.7 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.8 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.9 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index",
"product_ids": [
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.ppc64le",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.s390x",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.src",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0432"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.ppc64le",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.s390x",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.src",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.ppc64le",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.s390x",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.src",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-38297",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-10-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2012887"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. This vulnerability can only be triggered when invoking functions from vulnerable WASM (WebAssembly) Modules. Go can be compiled to WASM. If the product or service doesn\u0027t use WASM functions, it is not affected, although it uses golang.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: Command-line arguments may overwrite global data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Although this flaw has a higher CVSS score, in a strict sense, the flaw could possibly enable code exec, either Red Hat products don\u0027t use WASM, or don\u0027t expose WASM functions in a way that makes code exec possible. For this reason, the Red Hat impact for this flaw is Moderate.\n\n* Because the flawed code is not actually used in Service Telemetry Framework1.3, no update will be provided at this time for STF\u0027s sg-core-container.\n\n*For a WASM Module to be vulnerable, it needs to be built using GOARCH=wasm GOOS=js (build options for WebAssembly).\n\n*CVE-2021-38297 is a vulnerability that affects Go (golang). It has been fixed in versions 1.17.2 and 1.16.9.\n\n*CVE-2021-38297 does not affect the OpenShift Container Platform (OCP) because it does not build anything with GOARCH=wasm GOOS=js. Hence, OCP-based services are not affected either.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.ppc64le",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.s390x",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.src",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-38297"
},
{
"category": "external",
"summary": "RHBZ#2012887",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2012887"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-38297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38297"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/AEBu9j7yj5A",
"url": "https://groups.google.com/g/golang-announce/c/AEBu9j7yj5A"
}
],
"release_date": "2021-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "See the Red Hat OpenShift Container Platform 4.6 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.7 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.8 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.9 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index",
"product_ids": [
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.ppc64le",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.s390x",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.src",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0432"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.ppc64le",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.s390x",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.src",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.ppc64le",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.s390x",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.src",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: Command-line arguments may overwrite global data"
},
{
"cve": "CVE-2021-39293",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2006044"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. An attacker capable of submitting a crafted ZIP file to a Go application using archive/zip to process that file could cause a denial of service via memory exhaustion or panic. This particular flaw is an incomplete fix for a previous flaw.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In OpenShift Container Platform, multiple components are written in Go and use archive/zip from the standard library. However, all such components are short lived client side tools, not long lived server side executables. As the maximum impact of this vulnerability is a denial of service in client utilities, this vulnerability is rated Low for OpenShift Container Platform.\n\n* This flaw is out of support scope for Red Hat Enterprise Linux 7. For more information about Red Hat Enterprise Linux support scope, please see https://access.redhat.com/support/policy/updates/errata\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s smart-gateway-container and sg-core-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.ppc64le",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.s390x",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.src",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-39293"
},
{
"category": "external",
"summary": "RHBZ#2006044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006044"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw",
"url": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw"
}
],
"release_date": "2021-08-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "See the Red Hat OpenShift Container Platform 4.6 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.7 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.8 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.9 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index",
"product_ids": [
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.ppc64le",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.s390x",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.src",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0432"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.ppc64le",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.s390x",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.src",
"8Base-Openshift-Serverless-1:openshift-serverless-clients-0:0.26.0-2.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)"
}
]
}
rhsa-2022_0434
Vulnerability from csaf_redhat
Published
2022-02-03 20:05
Modified
2024-09-18 14:39
Summary
Red Hat Security Advisory: Release of OpenShift Serverless 1.20.0
Notes
Topic
Release of OpenShift Serverless 1.20.0
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.6, 4.7, 4.8, and 4.9, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section.
Security Fix(es):
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* golang: Command-line arguments may overwrite global data (CVE-2021-38297)
* golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Release of OpenShift Serverless 1.20.0\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.6, 4.7, 4.8, and 4.9, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section.\n\nSecurity Fix(es):\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* golang: Command-line arguments may overwrite global data (CVE-2021-38297)\n\n* golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0434",
"url": "https://access.redhat.com/errata/RHSA-2022:0434"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index",
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index",
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index",
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index",
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "2006044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006044"
},
{
"category": "external",
"summary": "2012887",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2012887"
},
{
"category": "external",
"summary": "2024838",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024838"
},
{
"category": "external",
"summary": "2024839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024839"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0434.json"
}
],
"title": "Red Hat Security Advisory: Release of OpenShift Serverless 1.20.0",
"tracking": {
"current_release_date": "2024-09-18T14:39:51+00:00",
"generator": {
"date": "2024-09-18T14:39:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0434",
"initial_release_date": "2022-02-03T20:05:14+00:00",
"revision_history": [
{
"date": "2022-02-03T20:05:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-03T20:05:14+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:39:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Serverless 1.20",
"product": {
"name": "Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:serverless:1.20::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Serverless"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804_s390x",
"product": {
"name": "openshift-serverless-1/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804_s390x",
"product_id": "openshift-serverless-1/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804_s390x",
"product_identification_helper": {
"purl": "pkg:oci/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/client-kn-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93_s390x",
"product": {
"name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93_s390x",
"product_id": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7_s390x",
"product": {
"name": "openshift-serverless-1/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7_s390x",
"product_id": "openshift-serverless-1/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-controller-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01_s390x",
"product": {
"name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01_s390x",
"product_id": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-in-memory-channel-controller-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690_s390x",
"product": {
"name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690_s390x",
"product_id": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3_s390x",
"product": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3_s390x",
"product_id": "openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8\u0026tag=0.26.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21_s390x",
"product": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21_s390x",
"product_id": "openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8\u0026tag=0.26.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff_s390x",
"product": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff_s390x",
"product_id": "openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8\u0026tag=0.26.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697_s390x",
"product": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697_s390x",
"product_id": "openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8\u0026tag=0.26.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393_s390x",
"product": {
"name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393_s390x",
"product_id": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtbroker-filter-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x",
"product": {
"name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x",
"product_id": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtbroker-ingress-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87_s390x",
"product": {
"name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87_s390x",
"product_id": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtchannel-broker-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4_s390x",
"product": {
"name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4_s390x",
"product_id": "openshift-serverless-1/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtping-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9_s390x",
"product": {
"name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9_s390x",
"product_id": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-storage-version-migration-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6_s390x",
"product": {
"name": "openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6_s390x",
"product_id": "openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-sugar-controller-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x",
"product": {
"name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x",
"product_id": "openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-webhook-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7_s390x",
"product": {
"name": "openshift-serverless-1/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7_s390x",
"product_id": "openshift-serverless-1/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/ingress-rhel8-operator\u0026tag=1.20.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10_s390x",
"product": {
"name": "openshift-serverless-1/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10_s390x",
"product_id": "openshift-serverless-1/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10_s390x",
"product_identification_helper": {
"purl": "pkg:oci/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/knative-rhel8-operator\u0026tag=1.20.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x",
"product": {
"name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x",
"product_id": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/kn-cli-artifacts-rhel8\u0026tag=0.26.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x",
"product": {
"name": "openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x",
"product_id": "openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/kourier-control-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5_s390x",
"product": {
"name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5_s390x",
"product_id": "openshift-serverless-1/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/svls-must-gather-rhel8\u0026tag=1.20.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x",
"product": {
"name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x",
"product_id": "openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/net-istio-controller-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058_s390x",
"product": {
"name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058_s390x",
"product_id": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058_s390x",
"product_identification_helper": {
"purl": "pkg:oci/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/net-istio-webhook-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231_s390x",
"product": {
"name": "openshift-serverless-1/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231_s390x",
"product_id": "openshift-serverless-1/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231_s390x",
"product_identification_helper": {
"purl": "pkg:oci/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serverless-rhel8-operator\u0026tag=1.20.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551_s390x",
"product": {
"name": "openshift-serverless-1/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551_s390x",
"product_id": "openshift-serverless-1/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551_s390x",
"product_identification_helper": {
"purl": "pkg:oci/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-activator-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd_s390x",
"product": {
"name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd_s390x",
"product_id": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-autoscaler-hpa-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234_s390x",
"product": {
"name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234_s390x",
"product_id": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234_s390x",
"product_identification_helper": {
"purl": "pkg:oci/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-autoscaler-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d_s390x",
"product": {
"name": "openshift-serverless-1/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d_s390x",
"product_id": "openshift-serverless-1/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-controller-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c_s390x",
"product": {
"name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c_s390x",
"product_id": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-domain-mapping-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83_s390x",
"product": {
"name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83_s390x",
"product_id": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83_s390x",
"product_identification_helper": {
"purl": "pkg:oci/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-domain-mapping-webhook-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x",
"product": {
"name": "openshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x",
"product_id": "openshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x",
"product_identification_helper": {
"purl": "pkg:oci/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-queue-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549_s390x",
"product": {
"name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549_s390x",
"product_id": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549_s390x",
"product_identification_helper": {
"purl": "pkg:oci/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-storage-version-migration-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8_s390x",
"product": {
"name": "openshift-serverless-1/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8_s390x",
"product_id": "openshift-serverless-1/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-webhook-rhel8\u0026tag=0.26.0-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le",
"product": {
"name": "openshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le",
"product_id": "openshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/client-kn-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58_ppc64le",
"product": {
"name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58_ppc64le",
"product_id": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le",
"product": {
"name": "openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le",
"product_id": "openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-controller-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9_ppc64le",
"product": {
"name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9_ppc64le",
"product_id": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-in-memory-channel-controller-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9_ppc64le",
"product": {
"name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9_ppc64le",
"product_id": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88_ppc64le",
"product": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88_ppc64le",
"product_id": "openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8\u0026tag=0.26.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090_ppc64le",
"product": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090_ppc64le",
"product_id": "openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8\u0026tag=0.26.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59_ppc64le",
"product": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59_ppc64le",
"product_id": "openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8\u0026tag=0.26.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e_ppc64le",
"product": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e_ppc64le",
"product_id": "openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8\u0026tag=0.26.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0_ppc64le",
"product": {
"name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0_ppc64le",
"product_id": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtbroker-filter-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11_ppc64le",
"product": {
"name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11_ppc64le",
"product_id": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtbroker-ingress-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346_ppc64le",
"product": {
"name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346_ppc64le",
"product_id": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtchannel-broker-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0_ppc64le",
"product": {
"name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0_ppc64le",
"product_id": "openshift-serverless-1/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtping-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890_ppc64le",
"product": {
"name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890_ppc64le",
"product_id": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-storage-version-migration-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48_ppc64le",
"product": {
"name": "openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48_ppc64le",
"product_id": "openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-sugar-controller-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le",
"product": {
"name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le",
"product_id": "openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-webhook-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a_ppc64le",
"product": {
"name": "openshift-serverless-1/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a_ppc64le",
"product_id": "openshift-serverless-1/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/ingress-rhel8-operator\u0026tag=1.20.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda_ppc64le",
"product": {
"name": "openshift-serverless-1/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda_ppc64le",
"product_id": "openshift-serverless-1/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/knative-rhel8-operator\u0026tag=1.20.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8_ppc64le",
"product": {
"name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8_ppc64le",
"product_id": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/kn-cli-artifacts-rhel8\u0026tag=0.26.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873_ppc64le",
"product": {
"name": "openshift-serverless-1/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873_ppc64le",
"product_id": "openshift-serverless-1/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/kourier-control-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le",
"product": {
"name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le",
"product_id": "openshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/svls-must-gather-rhel8\u0026tag=1.20.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1_ppc64le",
"product": {
"name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1_ppc64le",
"product_id": "openshift-serverless-1/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/net-istio-controller-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc_ppc64le",
"product": {
"name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc_ppc64le",
"product_id": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/net-istio-webhook-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3_ppc64le",
"product": {
"name": "openshift-serverless-1/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3_ppc64le",
"product_id": "openshift-serverless-1/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serverless-rhel8-operator\u0026tag=1.20.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93_ppc64le",
"product": {
"name": "openshift-serverless-1/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93_ppc64le",
"product_id": "openshift-serverless-1/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-activator-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e_ppc64le",
"product": {
"name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e_ppc64le",
"product_id": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-autoscaler-hpa-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b_ppc64le",
"product": {
"name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b_ppc64le",
"product_id": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-autoscaler-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7_ppc64le",
"product": {
"name": "openshift-serverless-1/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7_ppc64le",
"product_id": "openshift-serverless-1/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-controller-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137_ppc64le",
"product": {
"name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137_ppc64le",
"product_id": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-domain-mapping-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869_ppc64le",
"product": {
"name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869_ppc64le",
"product_id": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-domain-mapping-webhook-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le",
"product": {
"name": "openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le",
"product_id": "openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-queue-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81_ppc64le",
"product": {
"name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81_ppc64le",
"product_id": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-storage-version-migration-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le",
"product": {
"name": "openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le",
"product_id": "openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-webhook-rhel8\u0026tag=0.26.0-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db_amd64",
"product": {
"name": "openshift-serverless-1/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db_amd64",
"product_id": "openshift-serverless-1/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db_amd64",
"product_identification_helper": {
"purl": "pkg:oci/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/client-kn-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748_amd64",
"product": {
"name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748_amd64",
"product_id": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76_amd64",
"product": {
"name": "openshift-serverless-1/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76_amd64",
"product_id": "openshift-serverless-1/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-controller-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d_amd64",
"product": {
"name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d_amd64",
"product_id": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-in-memory-channel-controller-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3_amd64",
"product": {
"name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3_amd64",
"product_id": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272_amd64",
"product": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272_amd64",
"product_id": "openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8\u0026tag=0.26.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f_amd64",
"product": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f_amd64",
"product_id": "openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8\u0026tag=0.26.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb_amd64",
"product": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb_amd64",
"product_id": "openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8\u0026tag=0.26.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699_amd64",
"product": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699_amd64",
"product_id": "openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8\u0026tag=0.26.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64",
"product": {
"name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64",
"product_id": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtbroker-filter-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64",
"product": {
"name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64",
"product_id": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtbroker-ingress-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64",
"product": {
"name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64",
"product_id": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtchannel-broker-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64",
"product": {
"name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64",
"product_id": "openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-mtping-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03_amd64",
"product": {
"name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03_amd64",
"product_id": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-storage-version-migration-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64",
"product": {
"name": "openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64",
"product_id": "openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-sugar-controller-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3_amd64",
"product": {
"name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3_amd64",
"product_id": "openshift-serverless-1/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/eventing-webhook-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d_amd64",
"product": {
"name": "openshift-serverless-1/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d_amd64",
"product_id": "openshift-serverless-1/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/ingress-rhel8-operator\u0026tag=1.20.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef_amd64",
"product": {
"name": "openshift-serverless-1/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef_amd64",
"product_id": "openshift-serverless-1/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/knative-rhel8-operator\u0026tag=1.20.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64",
"product": {
"name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64",
"product_id": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/kn-cli-artifacts-rhel8\u0026tag=0.26.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716_amd64",
"product": {
"name": "openshift-serverless-1/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716_amd64",
"product_id": "openshift-serverless-1/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/kourier-control-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff_amd64",
"product": {
"name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff_amd64",
"product_id": "openshift-serverless-1/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/svls-must-gather-rhel8\u0026tag=1.20.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a_amd64",
"product": {
"name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a_amd64",
"product_id": "openshift-serverless-1/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/net-istio-controller-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df_amd64",
"product": {
"name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df_amd64",
"product_id": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/net-istio-webhook-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9_amd64",
"product": {
"name": "openshift-serverless-1/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9_amd64",
"product_id": "openshift-serverless-1/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serverless-operator-bundle\u0026tag=1.20.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133_amd64",
"product": {
"name": "openshift-serverless-1/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133_amd64",
"product_id": "openshift-serverless-1/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133_amd64",
"product_identification_helper": {
"purl": "pkg:oci/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serverless-rhel8-operator\u0026tag=1.20.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649_amd64",
"product": {
"name": "openshift-serverless-1/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649_amd64",
"product_id": "openshift-serverless-1/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649_amd64",
"product_identification_helper": {
"purl": "pkg:oci/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-activator-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98_amd64",
"product": {
"name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98_amd64",
"product_id": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98_amd64",
"product_identification_helper": {
"purl": "pkg:oci/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-autoscaler-hpa-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c_amd64",
"product": {
"name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c_amd64",
"product_id": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-autoscaler-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64",
"product": {
"name": "openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64",
"product_id": "openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-controller-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d_amd64",
"product": {
"name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d_amd64",
"product_id": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-domain-mapping-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f_amd64",
"product": {
"name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f_amd64",
"product_id": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-domain-mapping-webhook-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9_amd64",
"product": {
"name": "openshift-serverless-1/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9_amd64",
"product_id": "openshift-serverless-1/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-queue-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522_amd64",
"product": {
"name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522_amd64",
"product_id": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522_amd64",
"product_identification_helper": {
"purl": "pkg:oci/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-storage-version-migration-rhel8\u0026tag=0.26.0-1"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7_amd64",
"product": {
"name": "openshift-serverless-1/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7_amd64",
"product_id": "openshift-serverless-1/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/serving-webhook-rhel8\u0026tag=0.26.0-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3_s390x"
},
"product_reference": "openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88_ppc64le"
},
"product_reference": "openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272_amd64"
},
"product_reference": "openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090_ppc64le"
},
"product_reference": "openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21_s390x"
},
"product_reference": "openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f_amd64"
},
"product_reference": "openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59_ppc64le"
},
"product_reference": "openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff_s390x"
},
"product_reference": "openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb_amd64"
},
"product_reference": "openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e_ppc64le"
},
"product_reference": "openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697_s390x"
},
"product_reference": "openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699_amd64"
},
"product_reference": "openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le"
},
"product_reference": "openshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804_s390x"
},
"product_reference": "openshift-serverless-1/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db_amd64"
},
"product_reference": "openshift-serverless-1/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748_amd64"
},
"product_reference": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93_s390x"
},
"product_reference": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58_ppc64le"
},
"product_reference": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le"
},
"product_reference": "openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76_amd64"
},
"product_reference": "openshift-serverless-1/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7_s390x"
},
"product_reference": "openshift-serverless-1/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01_s390x"
},
"product_reference": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9_ppc64le"
},
"product_reference": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d_amd64"
},
"product_reference": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9_ppc64le"
},
"product_reference": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690_s390x"
},
"product_reference": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3_amd64"
},
"product_reference": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393_s390x"
},
"product_reference": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64"
},
"product_reference": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0_ppc64le"
},
"product_reference": "openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11_ppc64le"
},
"product_reference": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x"
},
"product_reference": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64"
},
"product_reference": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346_ppc64le"
},
"product_reference": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87_s390x"
},
"product_reference": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64"
},
"product_reference": "openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64"
},
"product_reference": "openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4_s390x"
},
"product_reference": "openshift-serverless-1/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0_ppc64le"
},
"product_reference": "openshift-serverless-1/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9_s390x"
},
"product_reference": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890_ppc64le"
},
"product_reference": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03_amd64"
},
"product_reference": "openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64"
},
"product_reference": "openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48_ppc64le"
},
"product_reference": "openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6_s390x"
},
"product_reference": "openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x"
},
"product_reference": "openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le"
},
"product_reference": "openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3_amd64"
},
"product_reference": "openshift-serverless-1/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a_ppc64le"
},
"product_reference": "openshift-serverless-1/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d_amd64"
},
"product_reference": "openshift-serverless-1/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7_s390x"
},
"product_reference": "openshift-serverless-1/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8_ppc64le"
},
"product_reference": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64"
},
"product_reference": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x"
},
"product_reference": "openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10_s390x"
},
"product_reference": "openshift-serverless-1/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef_amd64"
},
"product_reference": "openshift-serverless-1/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda_ppc64le"
},
"product_reference": "openshift-serverless-1/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873_ppc64le"
},
"product_reference": "openshift-serverless-1/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716_amd64"
},
"product_reference": "openshift-serverless-1/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x"
},
"product_reference": "openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x"
},
"product_reference": "openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a_amd64"
},
"product_reference": "openshift-serverless-1/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1_ppc64le"
},
"product_reference": "openshift-serverless-1/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058_s390x"
},
"product_reference": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc_ppc64le"
},
"product_reference": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df_amd64"
},
"product_reference": "openshift-serverless-1/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9_amd64"
},
"product_reference": "openshift-serverless-1/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231_s390x"
},
"product_reference": "openshift-serverless-1/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3_ppc64le"
},
"product_reference": "openshift-serverless-1/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133_amd64"
},
"product_reference": "openshift-serverless-1/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93_ppc64le"
},
"product_reference": "openshift-serverless-1/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551_s390x"
},
"product_reference": "openshift-serverless-1/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649_amd64"
},
"product_reference": "openshift-serverless-1/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e_ppc64le"
},
"product_reference": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd_s390x"
},
"product_reference": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98_amd64"
},
"product_reference": "openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b_ppc64le"
},
"product_reference": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234_s390x"
},
"product_reference": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c_amd64"
},
"product_reference": "openshift-serverless-1/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7_ppc64le"
},
"product_reference": "openshift-serverless-1/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d_s390x"
},
"product_reference": "openshift-serverless-1/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64"
},
"product_reference": "openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d_amd64"
},
"product_reference": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c_s390x"
},
"product_reference": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137_ppc64le"
},
"product_reference": "openshift-serverless-1/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83_s390x"
},
"product_reference": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f_amd64"
},
"product_reference": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869_ppc64le"
},
"product_reference": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9_amd64"
},
"product_reference": "openshift-serverless-1/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le"
},
"product_reference": "openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x"
},
"product_reference": "openshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522_amd64"
},
"product_reference": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81_ppc64le"
},
"product_reference": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549_s390x"
},
"product_reference": "openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le"
},
"product_reference": "openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7_amd64"
},
"product_reference": "openshift-serverless-1/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8_s390x"
},
"product_reference": "openshift-serverless-1/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le"
},
"product_reference": "openshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5_s390x as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5_s390x"
},
"product_reference": "openshift-serverless-1/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5_s390x",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff_amd64 as a component of Red Hat OpenShift Serverless 1.20",
"product_id": "8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff_amd64"
},
"product_reference": "openshift-serverless-1/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff_amd64",
"relates_to_product_reference": "8Base-Openshift-Serverless-1.20"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "See the Red Hat OpenShift Container Platform 4.6 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.7 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.8 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.9 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index",
"product_ids": [
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0434"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-38297",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-10-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2012887"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. This vulnerability can only be triggered when invoking functions from vulnerable WASM (WebAssembly) Modules. Go can be compiled to WASM. If the product or service doesn\u0027t use WASM functions, it is not affected, although it uses golang.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: Command-line arguments may overwrite global data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Although this flaw has a higher CVSS score, in a strict sense, the flaw could possibly enable code exec, either Red Hat products don\u0027t use WASM, or don\u0027t expose WASM functions in a way that makes code exec possible. For this reason, the Red Hat impact for this flaw is Moderate.\n\n* Because the flawed code is not actually used in Service Telemetry Framework1.3, no update will be provided at this time for STF\u0027s sg-core-container.\n\n*For a WASM Module to be vulnerable, it needs to be built using GOARCH=wasm GOOS=js (build options for WebAssembly).\n\n*CVE-2021-38297 is a vulnerability that affects Go (golang). It has been fixed in versions 1.17.2 and 1.16.9.\n\n*CVE-2021-38297 does not affect the OpenShift Container Platform (OCP) because it does not build anything with GOARCH=wasm GOOS=js. Hence, OCP-based services are not affected either.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-38297"
},
{
"category": "external",
"summary": "RHBZ#2012887",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2012887"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-38297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38297"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/AEBu9j7yj5A",
"url": "https://groups.google.com/g/golang-announce/c/AEBu9j7yj5A"
}
],
"release_date": "2021-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "See the Red Hat OpenShift Container Platform 4.6 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.7 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.8 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.9 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index",
"product_ids": [
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0434"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: Command-line arguments may overwrite global data"
},
{
"cve": "CVE-2021-39293",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2006044"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. An attacker capable of submitting a crafted ZIP file to a Go application using archive/zip to process that file could cause a denial of service via memory exhaustion or panic. This particular flaw is an incomplete fix for a previous flaw.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In OpenShift Container Platform, multiple components are written in Go and use archive/zip from the standard library. However, all such components are short lived client side tools, not long lived server side executables. As the maximum impact of this vulnerability is a denial of service in client utilities, this vulnerability is rated Low for OpenShift Container Platform.\n\n* This flaw is out of support scope for Red Hat Enterprise Linux 7. For more information about Red Hat Enterprise Linux support scope, please see https://access.redhat.com/support/policy/updates/errata\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s smart-gateway-container and sg-core-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-39293"
},
{
"category": "external",
"summary": "RHBZ#2006044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006044"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw",
"url": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw"
}
],
"release_date": "2021-08-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "See the Red Hat OpenShift Container Platform 4.6 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.7 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.8 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index\nSee the Red Hat OpenShift Container Platform 4.9 documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index",
"product_ids": [
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0434"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:56b99182c967851295a20445cd58c764721e7e9e9c7f9119797d9b1fb075b0f3_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:6a0732bb4b950bc09800902816f2924cdcf4b936b1d29eab5263eda688f26b88_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8@sha256:e3fc742d90e6db1f187b72604a723fd3d396a239f3ee3736819a1c2e4ed5b272_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:7b9116020e29b9be4c60b6b47c5838a7af6eee295cb7359437f575672a928090_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:916bf46cff268283429c3c01488038a1299f902f1c868df354a5698e970d0a21_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8@sha256:c92f780f85d109ab5cf1d9732829933d6065a3c618f03b0a5d89b12baa742f2f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:0c68cf5d255f5a2c355ec8eeba4f75bb21d9cbbd5dc5ae97cca1751bf5aeee59_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:84a79c977310f9491fe40e0d258cd6dba007148da7545227df67d67a198530ff_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8@sha256:e799fd256c9f0c33b4fe272b9dfecd387998b36d2b871e9535ed83c9b26d80eb_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:04506133578ec20253494236e33688a85c81c414c956576f3307f1e89b5ab10e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:9d23699ad43fda781be9b2854fb7d62b436ba5f7b0969d9d5e6c64f395a71697_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8@sha256:c8a5cc5ef83f9f269568eaf21b437709e5d0a85ce4853475db37db7cd5fce699_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:5470547f1149716073b1e60ecf6345a090476d5e58c2be92ac6a9cf6ede056c2_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:aef995055487c66070558fb6c6f29c40020006dc293a499bf2d760361738c804_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/client-kn-rhel8@sha256:b9520e98d39c40961975d9107c6e3ce48a61d10874ae8fd049a6913422d4d0db_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:17b46ea72c5f4ff31ca8c259fabb65ecd6df931f782a6a42ee60bcbc65727748_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:8505e03cb97d9594444be05e73ed080286993cebbdfa747095e683343be1fa93_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8@sha256:e278b16e7e55dfdaf22bceb819fbf3b3ec14fe9d1c0f51df3b31155c0d53df58_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:13f141c7bcc40618ba84ea093ebea2e7a58f015b2a682aee7fc8f3bfc14228fb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:a5e03b58a96eb78de121c6045945c641a5ac3895ae240c880b89d17b510a7f76_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-controller-rhel8@sha256:e2c6d9061c3f2dc7c6194dd7cfd00ac427794bca9a19729e22749312378042b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:726f2958e1a08d65903c824350a8ff1adaf0bc24b34dc3ed05ec388f092cab01_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:a2fe424ae111aaa42f2f8ca40e4401f1883c3196a2934c2c1ce0cbf5ad724ba9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-controller-rhel8@sha256:f02ed27fefe4c5eb0ab944ddb5751804e8d46a7201250f6800e16dae38c4669d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7766085969456335183792b5588c03b7132bcaf2032ff4ef630d0d979ec260e9_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:7e4b6b445c7dc088c09f54807b81775330f9204ca0b41942d19f48d634043690_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8@sha256:ba39c5d4e034cfd301db64a509e10080900df4b9391d97d3b65bb1443f122ef3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:26c68751e285ed15e5514e8e25b33bec2fe2fa445f70c33d2d922af1bbfdb393_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:78c66c85a4b895f4b771d0475f7e0e93b36fef8f2dbcbd6e52fffc6697ced39b_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-filter-rhel8@sha256:a7668dc2e89acf16569559d04d342ea1875b5af797a1cc8f9fde1457fb4c03f0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:1657b2e280940c4f8b871c1cc22546b92c9111f48fbedc7f821573d65e72fe11_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:a84a32e3872b770c33cb08f4879abfc89fc1a1c917616b2ccc9389f2d495fe1b_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtbroker-ingress-rhel8@sha256:ed09083dd0b38e9cfb515e6bbc1b3f160d1765c669dc23d91af1f6964c9e9ec5_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:75c95e7952984f0fb8a83ea3457cc73b2ca8bb99d2093ee2df63c734f7f43346_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:881ba0289dd78c0f845d13db99ae06397c0cb1354c1dae91ec1de69d05363e87_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtchannel-broker-rhel8@sha256:d261b7ca2e725d5b7be390b048edebadacbf8d9c0163805438e397ca050f80ce_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:74869bed9d6ec00d4516efd64717a6eeef392bf86f43c98664b51f7054a37c35_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:818af934e25d7e57dc6d699a3b8727c61986b06afae99313df3f23bd2559ada4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-mtping-rhel8@sha256:d3af56305aaa274d01c191b3ec81676ea23b3e61925f91828e88342b3286a2d0_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:27dd1fd65aa81782953a614a2fe62904e7546257dc86322d0ddf11e5251631e9_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:8f3d5948e6d59a0379ca82f55beb79b75640c442a283416e65ec60e4690e5890_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-storage-version-migration-rhel8@sha256:b7b93bddec1a3752ddd6270d3f328858348bd64b42ec98aae5e5c77e31c7ff03_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:8eff3546c303ed5cb50177f16d84a4908552c7c49d185cf8cbc9e2d0007d5cd3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:bd0e3580de74b0016845571f3242cf8f99ca5d341cb9228db3c3b14a622abb48_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-sugar-controller-rhel8@sha256:c24ed00421912a05831d76943f913b82cea1f9a8dd0599f535f13b477b025ce6_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:4ce209284a2c25a7285062cd293293992fb5899199ab5c0a8a0e187b7ebf7d85_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:c78bd6d9d42d70d152733565d57516b2982b3343ae166a58f9330a1b3c6dd7eb_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/eventing-webhook-rhel8@sha256:fae07bf56539bcc5c8cd304914447e6b6a891852d9332df352c65e05e3a371e3_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:4eb53463f16393d27cca9ea9982bacd1ed7edc1191209ea54c76a6237993ce1a_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:8c8112b1b6634356156ca1baa36312a0c9e997511998989c9fde6c0855e0ca3d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/ingress-rhel8-operator@sha256:e17b106c3cabbccef7cfc9f049d989668e6e2fcabcc3eca7dab2b0414fe872b7_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:1d1687d9baa80a099326c5dbfffa5dd6252bcb6e5eab289dbd56ed2cbf76efc8_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:84694bf72cfbee8fc35bc9b066ccf7518be198c4b16b21f1f116596b7b85433f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kn-cli-artifacts-rhel8@sha256:a22110d49b5d32de35e4cd5ec6a56da150c76c68aee873e235a3d3f6207987c4_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:273d7a40181c9d21e6988f2667929e5623de0a8249ba9bbadb08ce27686edf10_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:d57f4f8c0018d208f276143f224af12d48c8da0f0be668c8bc7c9be5bdd791ef_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/knative-rhel8-operator@sha256:f50bb5eb02161e2aa24d79eec84e4d3cd69465fe4b4329fc6608046047204eda_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9a39d82fd555df5458f1d017d9de2c48d04cae3b818f2ff93b546edd2665e873_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:9b14951945043df25e33db68993dd4e874eacdd1d75350375599665e29f5d716_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/kourier-control-rhel8@sha256:e37d553ea1c1708b82ea37815abdfe64f9531d56aefcaea4f18db8cf1c09bc0e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:00c268bb0c5dc22ebd288ef00e69ebfc168fcb609a0c0c7750b62e0a9018a51e_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:bbfa04c9f6b234dc993b4116da5438005bd69ff32a944276bbafcd4f9175de8a_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-controller-rhel8@sha256:c1ff836e48309c08182c2f20e7f3387c50e67656c6c77310560261b443ab27d1_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:444ab78e1e6ed23d7e342cdcb2da161f493acc63810228a08619f2174bdbc058_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:b3043d5f3aac09fd5b63fffeb7d1e8d3a2fbd723da7d0289f48255e4e5f8aebc_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/net-istio-webhook-rhel8@sha256:f69e2035185868f4521b52e8fda74f9e49c289280ef0bf16289ff302c15269df_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-operator-bundle@sha256:003a5c5c3682db69aa57da4c05ed3ccbaf94fb80a4972c8ddcf91eb3d5e299b9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:1e379f64031a6c8af93457fa8aeb6441534bb4c011d637939406e0a471322231_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:3245e73ab2a02e880a57cd8d3be427a7c451fea6151ad68cf469553fc0063bc3_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serverless-rhel8-operator@sha256:64b2f3d87f86be59b9f71cbe92a61600a3290695fb5c7f808d08ba332278e133_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:0e2e5bb4f20c958fb5ea71da82614334069e199a5ce05ddb748aff34b25dff93_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:7789daefd8f0e8134fb2fe6ae154402fc44f3ea0c8dc7ca3b2c9ebdb79ce7551_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-activator-rhel8@sha256:c0c1acdf9abfb73630d1a550646fd4dc0ca764fc58c53fbd2cdf582ef70c8649_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:4cde571a2658f477a4cb52895494583cf5ffe9143fbf699faba83752f307f63e_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:7f7687a6c3a472183af10e4df4e330b080979851917966a5fe41e361a5b967dd_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-hpa-rhel8@sha256:f457cf4746e992f300d291a4e881d565752fafdd28f7d840f181ed1237ae6f98_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:9346c770bbd55d4cc7dcf36e1bea28f6710c7ac34979fc66beb6165e103be50b_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:aadac6f2c3af41ade58f0a6bb0a4e840c331260bccd2ca4bd792e649f0267234_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-autoscaler-rhel8@sha256:d2f90bb4bb1a5b1b1c5f4b4a2c96ca3a2f8f2814b5b2751658970095bf49656c_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:04a6db25142117354d2ae0033e86c569fffccc9aefa8909c11bcccd273e23cd7_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:08d5cb9b7c546952d46edcef01b3dda514e3c5758a085dec83db1a3f8348be8d_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-controller-rhel8@sha256:2423823b744f3d2e4e8d225ff336e3cc12fb76a5fb8209101bdb6ded0ac8d1cf_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:0e2f73b583e330b3f532fec09e019c4ed0e11c859b31bfe18805ce87d605b29d_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:6066fd178b8dff4849def456afa31d6ef2e756c82ce2dcce5b3267acdcde1e3c_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-rhel8@sha256:faca8101513f6d2a6ca00acc5cf9ab17cc6cea0df1012a7e1c9c8d05a9681137_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:415b8de0a07253335bfabaca378281354132d44f8245e2880ae60272bccfda83_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:7dbbed51efff6c906de38e30dce6eee020974a553906fe6d4d6b70a11fe2cb5f_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-domain-mapping-webhook-rhel8@sha256:a794e3dbd05a35fb10a1cab68db87b7fb3e0762be0c0e49b1e78ecf95303a869_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:469b43a91f24496f1f3b3071558fffda6748fa32001ce7c26ba0bf0af2599ac9_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:90b0d0593ef2ab05e6d1aba5016543e54046b5b3baa5c7025882d05997e85503_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-queue-rhel8@sha256:f2d8e81015e477ff7b0a6dc70343d904fa00b574a04285648cf8d4374ded8bae_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:10a34c2d20addbb5fa747db62f31fc1367a75a430c75884bfb13bc85643cc522_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:1f77207a00c6d9292f3b20f18c7f0b780202644939b4daf87c758ec6d0e5bd81_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-storage-version-migration-rhel8@sha256:d37c4c2050b803d6998a810c7d6e5189c78cf1341a1e0388f14e9d25a5fb7549_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:44f412fc7d99403385120937140d630efec6863d1ef8e9465ab6a493ccb179f5_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:6caca935ce7b6573ef924d24d113e5f1ee78e11e6c63d0034b4c1eadffd339e7_amd64",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/serving-webhook-rhel8@sha256:f3485c3f73cc688bb278a3ec39c1576824b513f35b1f11f339320571b022b6c8_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:3e74ef8aa6bf751f3d74137b625287322f1a63a1448e1769968d68598d049c68_ppc64le",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:d2bf91bf8a689cae82013d698648cdfbaca77dd307a3090d3374fcdf670371c5_s390x",
"8Base-Openshift-Serverless-1.20:openshift-serverless-1/svls-must-gather-rhel8@sha256:dca735e59b8d6a94fbb82c0e45e32980838c1368e1fa645f18da93ffc1d552ff_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)"
}
]
}
rhsa-2022_0431
Vulnerability from csaf_redhat
Published
2022-02-03 15:13
Modified
2024-09-18 14:40
Summary
Red Hat Security Advisory: Red Hat Advanced Cluster Security 3.68 security and enhancement update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security for
Kubernetes (RHACS). The updated image includes a bug fixes, security patches and new feature enhancements.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
New features
1. Vulnerability triage workflows - RHACS 3.68 includes the ability to triage vulnerabilities in a variety of ways to support your vulnerability management process. See Managing vulnerabilities for more information.
2. Report scheduling for vulnerabilities - RHACS 3.68 includes the ability to schedule reports for vulnerabilities helping you to send scheduled communications to key stakeholders to assist in the vulnerability management process. See Reporting vulnerabilities to teams for more information.
3. Use AWS ECR AssumeRoles - AWS AssumeRoles allows you to define roles with specific permissions and then granting users access to those roles. {product-title} 3.68 includes the ability to use AWS ECR AssumeRoles to configure roles and grant various levels of access to users. For more details, see Using assumerole with Amazon ECR.
Important bug fixes
1. Previously, searching for CVE’s with a specific severity did not returned any results. This issue has been fixed.
2. Previously, when configuring the Manage Watches feature, if you added more than 12 images to the watch list, the image list would not display properly. This issue has been fixed.
3. Previously, when the RHACS Operator accessed the central-htpasswd secret, it would create a false positive policy violation for the OpenShift: Advanced Cluster Security Central Admin Secret Accessed default policy. This issue has been fixed.
Security update
1. In earlier versions of RHACS, the write permission for the APIToken resource allowed users to create API tokens for any role, including the admin role. This issue has been fixed.
2. The scanner image has been updated to patch CVE-2021-29923.
* golang: net: incorrect parsing of extraneous zero characters at the
beginning of an IP address octet (CVE-2021-29923)
Important system changes
1. RHACS 3.68 includes updates for the Log4Shell vulnerability detection policy. With this update this policy also detects CVE-2021-45046 and it includes the updated remediation based on the latest guidance by the Apache Logging security team.
2. When you upgrade to RHACS 3.68, roles that include write access on the Images resource will have write permissions for both VulnerabilityManagementRequests and VulnerabilityManagementApprovals resource. Red Hat recommends updating the roles to only include the least amount of resources required for each role.
3. If you have installed RHACS using Helm, this update disabled the cluster configuration options in the {product-title-short} portal. You can continue to use Helm configuration files.
4. RHACS 3.68 sends notifications for every runtime policy violation rather than sending notifications only the first encountered violation. This is the default behavior.
5. Tags of the scanner, scanner-db, and collector images, including the collector-slim variant, are now identical to the main image tag.
6. Red Has changed the image names for collector-slim. -slim is no longer part of the image tag.
7. The roxctl CLI includes a new --image-defaults option for the roxctl helm output and roxctl central generate commands. It allows selecting the default registry from which container images are taken for deploying central and scanner.
8. Red Hat has deprecated the --rhacs option for the roxctl helm output command. Use --rhacs-image-defaults option instead.
9. By default, the roxctl helm output command now uses the images from registry.redhat.io rather than stackrox.io.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security for\nKubernetes (RHACS). The updated image includes a bug fixes, security patches and new feature enhancements.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "New features\n1. Vulnerability triage workflows - RHACS 3.68 includes the ability to triage vulnerabilities in a variety of ways to support your vulnerability management process. See Managing vulnerabilities for more information.\n2. Report scheduling for vulnerabilities - RHACS 3.68 includes the ability to schedule reports for vulnerabilities helping you to send scheduled communications to key stakeholders to assist in the vulnerability management process. See Reporting vulnerabilities to teams for more information.\n3. Use AWS ECR AssumeRoles - AWS AssumeRoles allows you to define roles with specific permissions and then granting users access to those roles. {product-title} 3.68 includes the ability to use AWS ECR AssumeRoles to configure roles and grant various levels of access to users. For more details, see Using assumerole with Amazon ECR.\n\nImportant bug fixes\n\n1. Previously, searching for CVE\u2019s with a specific severity did not returned any results. This issue has been fixed.\n2. Previously, when configuring the Manage Watches feature, if you added more than 12 images to the watch list, the image list would not display properly. This issue has been fixed.\n3. Previously, when the RHACS Operator accessed the central-htpasswd secret, it would create a false positive policy violation for the OpenShift: Advanced Cluster Security Central Admin Secret Accessed default policy. This issue has been fixed.\n\nSecurity update\n\n1. In earlier versions of RHACS, the write permission for the APIToken resource allowed users to create API tokens for any role, including the admin role. This issue has been fixed.\n2. The scanner image has been updated to patch CVE-2021-29923.\n* golang: net: incorrect parsing of extraneous zero characters at the\nbeginning of an IP address octet (CVE-2021-29923)\n\nImportant system changes\n\n1. RHACS 3.68 includes updates for the Log4Shell vulnerability detection policy. With this update this policy also detects CVE-2021-45046 and it includes the updated remediation based on the latest guidance by the Apache Logging security team.\n2. When you upgrade to RHACS 3.68, roles that include write access on the Images resource will have write permissions for both VulnerabilityManagementRequests and VulnerabilityManagementApprovals resource. Red Hat recommends updating the roles to only include the least amount of resources required for each role.\n3. If you have installed RHACS using Helm, this update disabled the cluster configuration options in the {product-title-short} portal. You can continue to use Helm configuration files.\n4. RHACS 3.68 sends notifications for every runtime policy violation rather than sending notifications only the first encountered violation. This is the default behavior. \n5. Tags of the scanner, scanner-db, and collector images, including the collector-slim variant, are now identical to the main image tag. \n6. Red Has changed the image names for collector-slim. -slim is no longer part of the image tag. \n7. The roxctl CLI includes a new --image-defaults option for the roxctl helm output and roxctl central generate commands. It allows selecting the default registry from which container images are taken for deploying central and scanner.\n8. Red Hat has deprecated the --rhacs option for the roxctl helm output command. Use --rhacs-image-defaults option instead.\n9. By default, the roxctl helm output command now uses the images from registry.redhat.io rather than stackrox.io.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0431",
"url": "https://access.redhat.com/errata/RHSA-2022:0431"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "ROX-9334",
"url": "https://issues.redhat.com/browse/ROX-9334"
},
{
"category": "external",
"summary": "ROX-9362",
"url": "https://issues.redhat.com/browse/ROX-9362"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0431.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Advanced Cluster Security 3.68 security and enhancement update",
"tracking": {
"current_release_date": "2024-09-18T14:40:48+00:00",
"generator": {
"date": "2024-09-18T14:40:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0431",
"initial_release_date": "2022-02-03T15:13:02+00:00",
"revision_history": [
{
"date": "2022-02-03T15:13:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-03T15:13:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:40:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 3.68 for RHEL 8",
"product": {
"name": "RHACS 3.68 for RHEL 8",
"product_id": "8Base-RHACS-3.68",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:3.68::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cd11379439dab7e64972824a5bae2e51e7c3d2a2b7e7a193813497709b71ec19_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cd11379439dab7e64972824a5bae2e51e7c3d2a2b7e7a193813497709b71ec19_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cd11379439dab7e64972824a5bae2e51e7c3d2a2b7e7a193813497709b71ec19_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:cd11379439dab7e64972824a5bae2e51e7c3d2a2b7e7a193813497709b71ec19?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=3.68.0-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:3b56c2e9baf6cf5973ecf46e58d5911e124f690d0ecad4c82b8bffd347691a03_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:3b56c2e9baf6cf5973ecf46e58d5911e124f690d0ecad4c82b8bffd347691a03_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:3b56c2e9baf6cf5973ecf46e58d5911e124f690d0ecad4c82b8bffd347691a03_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:3b56c2e9baf6cf5973ecf46e58d5911e124f690d0ecad4c82b8bffd347691a03?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=3.68.0-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-docs-rhel8@sha256:1c890ec418d66ccf23fc32e5af34aaf12c1276b7268555d1cbe7bb0d07f84755_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-docs-rhel8@sha256:1c890ec418d66ccf23fc32e5af34aaf12c1276b7268555d1cbe7bb0d07f84755_amd64",
"product_id": "advanced-cluster-security/rhacs-docs-rhel8@sha256:1c890ec418d66ccf23fc32e5af34aaf12c1276b7268555d1cbe7bb0d07f84755_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-docs-rhel8@sha256:1c890ec418d66ccf23fc32e5af34aaf12c1276b7268555d1cbe7bb0d07f84755?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-docs-rhel8\u0026tag=3.68.0-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:ed3b8893f11372df168da1b222cc12f3dc76e165118737073de5f435659c78e6_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:ed3b8893f11372df168da1b222cc12f3dc76e165118737073de5f435659c78e6_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:ed3b8893f11372df168da1b222cc12f3dc76e165118737073de5f435659c78e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:ed3b8893f11372df168da1b222cc12f3dc76e165118737073de5f435659c78e6?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=3.68.0-28"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:1178a22943998e0a740d7f89d15244d4b1500376493fb84b652fe1ba998bf1d3_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:1178a22943998e0a740d7f89d15244d4b1500376493fb84b652fe1ba998bf1d3_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:1178a22943998e0a740d7f89d15244d4b1500376493fb84b652fe1ba998bf1d3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:1178a22943998e0a740d7f89d15244d4b1500376493fb84b652fe1ba998bf1d3?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=3.68.0-8"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:8c054f058e80f1218f2b05d45fc876fd6a41bebe138f3eff696d2af6bdff64e2_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:8c054f058e80f1218f2b05d45fc876fd6a41bebe138f3eff696d2af6bdff64e2_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:8c054f058e80f1218f2b05d45fc876fd6a41bebe138f3eff696d2af6bdff64e2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:8c054f058e80f1218f2b05d45fc876fd6a41bebe138f3eff696d2af6bdff64e2?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=3.68.0-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e09753e78c7854cbe976289127a6f150706cf4c959accd557b6dbf50b95edf8b_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e09753e78c7854cbe976289127a6f150706cf4c959accd557b6dbf50b95edf8b_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e09753e78c7854cbe976289127a6f150706cf4c959accd557b6dbf50b95edf8b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:e09753e78c7854cbe976289127a6f150706cf4c959accd557b6dbf50b95edf8b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=3.68.0-5"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:eca5c5e7bf69bc0d2771f290d7b8157126df0ceccf805cbfc8d48acb678f46e7_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:eca5c5e7bf69bc0d2771f290d7b8157126df0ceccf805cbfc8d48acb678f46e7_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:eca5c5e7bf69bc0d2771f290d7b8157126df0ceccf805cbfc8d48acb678f46e7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:eca5c5e7bf69bc0d2771f290d7b8157126df0ceccf805cbfc8d48acb678f46e7?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=3.68.0-6"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bec259b5478ff5bb220acb11887bc83bef35ac0ebb3f765683556174a159f5ad_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bec259b5478ff5bb220acb11887bc83bef35ac0ebb3f765683556174a159f5ad_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bec259b5478ff5bb220acb11887bc83bef35ac0ebb3f765683556174a159f5ad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:bec259b5478ff5bb220acb11887bc83bef35ac0ebb3f765683556174a159f5ad?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=3.68.0-6"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cd11379439dab7e64972824a5bae2e51e7c3d2a2b7e7a193813497709b71ec19_amd64 as a component of RHACS 3.68 for RHEL 8",
"product_id": "8Base-RHACS-3.68:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd11379439dab7e64972824a5bae2e51e7c3d2a2b7e7a193813497709b71ec19_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:cd11379439dab7e64972824a5bae2e51e7c3d2a2b7e7a193813497709b71ec19_amd64",
"relates_to_product_reference": "8Base-RHACS-3.68"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:3b56c2e9baf6cf5973ecf46e58d5911e124f690d0ecad4c82b8bffd347691a03_amd64 as a component of RHACS 3.68 for RHEL 8",
"product_id": "8Base-RHACS-3.68:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:3b56c2e9baf6cf5973ecf46e58d5911e124f690d0ecad4c82b8bffd347691a03_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:3b56c2e9baf6cf5973ecf46e58d5911e124f690d0ecad4c82b8bffd347691a03_amd64",
"relates_to_product_reference": "8Base-RHACS-3.68"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-docs-rhel8@sha256:1c890ec418d66ccf23fc32e5af34aaf12c1276b7268555d1cbe7bb0d07f84755_amd64 as a component of RHACS 3.68 for RHEL 8",
"product_id": "8Base-RHACS-3.68:advanced-cluster-security/rhacs-docs-rhel8@sha256:1c890ec418d66ccf23fc32e5af34aaf12c1276b7268555d1cbe7bb0d07f84755_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-docs-rhel8@sha256:1c890ec418d66ccf23fc32e5af34aaf12c1276b7268555d1cbe7bb0d07f84755_amd64",
"relates_to_product_reference": "8Base-RHACS-3.68"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:ed3b8893f11372df168da1b222cc12f3dc76e165118737073de5f435659c78e6_amd64 as a component of RHACS 3.68 for RHEL 8",
"product_id": "8Base-RHACS-3.68:advanced-cluster-security/rhacs-main-rhel8@sha256:ed3b8893f11372df168da1b222cc12f3dc76e165118737073de5f435659c78e6_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:ed3b8893f11372df168da1b222cc12f3dc76e165118737073de5f435659c78e6_amd64",
"relates_to_product_reference": "8Base-RHACS-3.68"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:1178a22943998e0a740d7f89d15244d4b1500376493fb84b652fe1ba998bf1d3_amd64 as a component of RHACS 3.68 for RHEL 8",
"product_id": "8Base-RHACS-3.68:advanced-cluster-security/rhacs-operator-bundle@sha256:1178a22943998e0a740d7f89d15244d4b1500376493fb84b652fe1ba998bf1d3_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:1178a22943998e0a740d7f89d15244d4b1500376493fb84b652fe1ba998bf1d3_amd64",
"relates_to_product_reference": "8Base-RHACS-3.68"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:8c054f058e80f1218f2b05d45fc876fd6a41bebe138f3eff696d2af6bdff64e2_amd64 as a component of RHACS 3.68 for RHEL 8",
"product_id": "8Base-RHACS-3.68:advanced-cluster-security/rhacs-rhel8-operator@sha256:8c054f058e80f1218f2b05d45fc876fd6a41bebe138f3eff696d2af6bdff64e2_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:8c054f058e80f1218f2b05d45fc876fd6a41bebe138f3eff696d2af6bdff64e2_amd64",
"relates_to_product_reference": "8Base-RHACS-3.68"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e09753e78c7854cbe976289127a6f150706cf4c959accd557b6dbf50b95edf8b_amd64 as a component of RHACS 3.68 for RHEL 8",
"product_id": "8Base-RHACS-3.68:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e09753e78c7854cbe976289127a6f150706cf4c959accd557b6dbf50b95edf8b_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e09753e78c7854cbe976289127a6f150706cf4c959accd557b6dbf50b95edf8b_amd64",
"relates_to_product_reference": "8Base-RHACS-3.68"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bec259b5478ff5bb220acb11887bc83bef35ac0ebb3f765683556174a159f5ad_amd64 as a component of RHACS 3.68 for RHEL 8",
"product_id": "8Base-RHACS-3.68:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bec259b5478ff5bb220acb11887bc83bef35ac0ebb3f765683556174a159f5ad_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bec259b5478ff5bb220acb11887bc83bef35ac0ebb3f765683556174a159f5ad_amd64",
"relates_to_product_reference": "8Base-RHACS-3.68"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:eca5c5e7bf69bc0d2771f290d7b8157126df0ceccf805cbfc8d48acb678f46e7_amd64 as a component of RHACS 3.68 for RHEL 8",
"product_id": "8Base-RHACS-3.68:advanced-cluster-security/rhacs-scanner-rhel8@sha256:eca5c5e7bf69bc0d2771f290d7b8157126df0ceccf805cbfc8d48acb678f46e7_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:eca5c5e7bf69bc0d2771f290d7b8157126df0ceccf805cbfc8d48acb678f46e7_amd64",
"relates_to_product_reference": "8Base-RHACS-3.68"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd11379439dab7e64972824a5bae2e51e7c3d2a2b7e7a193813497709b71ec19_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:3b56c2e9baf6cf5973ecf46e58d5911e124f690d0ecad4c82b8bffd347691a03_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-docs-rhel8@sha256:1c890ec418d66ccf23fc32e5af34aaf12c1276b7268555d1cbe7bb0d07f84755_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-main-rhel8@sha256:ed3b8893f11372df168da1b222cc12f3dc76e165118737073de5f435659c78e6_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-operator-bundle@sha256:1178a22943998e0a740d7f89d15244d4b1500376493fb84b652fe1ba998bf1d3_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-rhel8-operator@sha256:8c054f058e80f1218f2b05d45fc876fd6a41bebe138f3eff696d2af6bdff64e2_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e09753e78c7854cbe976289127a6f150706cf4c959accd557b6dbf50b95edf8b_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bec259b5478ff5bb220acb11887bc83bef35ac0ebb3f765683556174a159f5ad_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-scanner-rhel8@sha256:eca5c5e7bf69bc0d2771f290d7b8157126df0ceccf805cbfc8d48acb678f46e7_amd64"
],
"known_not_affected": [
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd11379439dab7e64972824a5bae2e51e7c3d2a2b7e7a193813497709b71ec19_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:3b56c2e9baf6cf5973ecf46e58d5911e124f690d0ecad4c82b8bffd347691a03_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-docs-rhel8@sha256:1c890ec418d66ccf23fc32e5af34aaf12c1276b7268555d1cbe7bb0d07f84755_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-main-rhel8@sha256:ed3b8893f11372df168da1b222cc12f3dc76e165118737073de5f435659c78e6_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-operator-bundle@sha256:1178a22943998e0a740d7f89d15244d4b1500376493fb84b652fe1ba998bf1d3_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-rhel8-operator@sha256:8c054f058e80f1218f2b05d45fc876fd6a41bebe138f3eff696d2af6bdff64e2_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e09753e78c7854cbe976289127a6f150706cf4c959accd557b6dbf50b95edf8b_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bec259b5478ff5bb220acb11887bc83bef35ac0ebb3f765683556174a159f5ad_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "To take advantage of the new features, bug fixes and security patches issued in 3.68 you are advised to upgrade to patch release 3.68.0.",
"product_ids": [
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-scanner-rhel8@sha256:eca5c5e7bf69bc0d2771f290d7b8157126df0ceccf805cbfc8d48acb678f46e7_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0431"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-collector-rhel8@sha256:cd11379439dab7e64972824a5bae2e51e7c3d2a2b7e7a193813497709b71ec19_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:3b56c2e9baf6cf5973ecf46e58d5911e124f690d0ecad4c82b8bffd347691a03_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-docs-rhel8@sha256:1c890ec418d66ccf23fc32e5af34aaf12c1276b7268555d1cbe7bb0d07f84755_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-main-rhel8@sha256:ed3b8893f11372df168da1b222cc12f3dc76e165118737073de5f435659c78e6_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-operator-bundle@sha256:1178a22943998e0a740d7f89d15244d4b1500376493fb84b652fe1ba998bf1d3_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-rhel8-operator@sha256:8c054f058e80f1218f2b05d45fc876fd6a41bebe138f3eff696d2af6bdff64e2_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e09753e78c7854cbe976289127a6f150706cf4c959accd557b6dbf50b95edf8b_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bec259b5478ff5bb220acb11887bc83bef35ac0ebb3f765683556174a159f5ad_amd64",
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-scanner-rhel8@sha256:eca5c5e7bf69bc0d2771f290d7b8157126df0ceccf805cbfc8d48acb678f46e7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHACS-3.68:advanced-cluster-security/rhacs-scanner-rhel8@sha256:eca5c5e7bf69bc0d2771f290d7b8157126df0ceccf805cbfc8d48acb678f46e7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
}
]
}
rhsa-2022_0237
Vulnerability from csaf_redhat
Published
2022-01-24 13:53
Modified
2024-09-18 14:40
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (etcd) security update
Notes
Topic
An update for etcd is now available for Red Hat OpenStack Platform 16.2
(Train).
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
A highly-available key value store for shared configuration
Security Fix(es):
* net/http: limit growth of header canonicalization cache (CVE-2021-44716)
* net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* crypto/tls: certificate of wrong type is causing TLS client to panic
(CVE-2021-34558)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for etcd is now available for Red Hat OpenStack Platform 16.2\n(Train).\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A highly-available key value store for shared configuration\n\nSecurity Fix(es):\n\n* net/http: limit growth of header canonicalization cache (CVE-2021-44716)\n\n* net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* crypto/tls: certificate of wrong type is causing TLS client to panic\n(CVE-2021-34558)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0237",
"url": "https://access.redhat.com/errata/RHSA-2022:0237"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0237.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (etcd) security update",
"tracking": {
"current_release_date": "2024-09-18T14:40:24+00:00",
"generator": {
"date": "2024-09-18T14:40:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0237",
"initial_release_date": "2022-01-24T13:53:27+00:00",
"revision_history": [
{
"date": "2022-01-24T13:53:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-24T13:53:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:40:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 16.2",
"product": {
"name": "Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:16.2::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-0:3.3.23-7.el8ost.src",
"product": {
"name": "etcd-0:3.3.23-7.el8ost.src",
"product_id": "etcd-0:3.3.23-7.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd@3.3.23-7.el8ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-0:3.3.23-7.el8ost.x86_64",
"product": {
"name": "etcd-0:3.3.23-7.el8ost.x86_64",
"product_id": "etcd-0:3.3.23-7.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd@3.3.23-7.el8ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "etcd-debugsource-0:3.3.23-7.el8ost.x86_64",
"product": {
"name": "etcd-debugsource-0:3.3.23-7.el8ost.x86_64",
"product_id": "etcd-debugsource-0:3.3.23-7.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debugsource@3.3.23-7.el8ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"product": {
"name": "etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"product_id": "etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debuginfo@3.3.23-7.el8ost?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-0:3.3.23-7.el8ost.ppc64le",
"product": {
"name": "etcd-0:3.3.23-7.el8ost.ppc64le",
"product_id": "etcd-0:3.3.23-7.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd@3.3.23-7.el8ost?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"product": {
"name": "etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"product_id": "etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debugsource@3.3.23-7.el8ost?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"product": {
"name": "etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"product_id": "etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debuginfo@3.3.23-7.el8ost?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-0:3.3.23-7.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.ppc64le"
},
"product_reference": "etcd-0:3.3.23-7.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-0:3.3.23-7.el8ost.src as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.src"
},
"product_reference": "etcd-0:3.3.23-7.el8ost.src",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-0:3.3.23-7.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.x86_64"
},
"product_reference": "etcd-0:3.3.23-7.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le"
},
"product_reference": "etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debuginfo-0:3.3.23-7.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64"
},
"product_reference": "etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debugsource-0:3.3.23-7.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le"
},
"product_reference": "etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debugsource-0:3.3.23-7.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
},
"product_reference": "etcd-debugsource-0:3.3.23-7.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0237"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-34558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1983596"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate\u0027s private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0\u20131.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This vulnerability potentially affects any component written in Go that uses crypto/tls from the standard library. It is possible for components that make client connections to malicious servers to be exploited, however the maximum impact is a crash. This vulnerability is rated Low for the following components: \n - OpenShift Container Platform\n - OpenShift distributed tracing (formerly OpenShift Jaeger)\n - OpenShift Migration Toolkit for Containers\n - Red Hat Advanced Cluster Management for Kubernetes\n - Red Hat OpenShift on AWS\n - Red Hat OpenShift Virtualization\n\n* Because OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34558"
},
{
"category": "external",
"summary": "RHBZ#1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.15.minor",
"url": "https://golang.org/doc/devel/release#go1.15.minor"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.16.minor",
"url": "https://golang.org/doc/devel/release#go1.16.minor"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0237"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic"
},
{
"cve": "CVE-2021-44716",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030801"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s an uncontrolled resource consumption flaw in golang\u0027s net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http\u0027s http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: limit growth of header canonicalization cache",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Container Platform, OpenShift Virtualization, Red Hat Quay and OpenShift distributed tracing the most an attacker can possibly achieve by exploiting this vulnerability is to crash a container, temporarily impacting availability of one or more services. Therefore impact is rated Moderate.\n\nIn its default configuration, grafana as shipped in Red Hat Enterprise Linux 8 is not affected by this vulnerability. However, enabling http2 in /etc/grafana/grafana.ini explicitly would render grafana affected, therefore grafana has been marked affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44716"
},
{
"category": "external",
"summary": "RHBZ#2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0237"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling HTTP/2. Setting the GODEBUG=http2server=0 environment variable before calling Serve will disable HTTP/2 unless it was manually configured through the golang.org/x/net/http2 package.",
"product_ids": [
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http: limit growth of header canonicalization cache"
}
]
}
rhsa-2022_0557
Vulnerability from csaf_redhat
Published
2022-02-23 12:47
Modified
2024-09-18 14:40
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.9.22 security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.9.22 is now available with
updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
Security Fix(es):
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.9.22 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0557",
"url": "https://access.redhat.com/errata/RHSA-2022:0557"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "1995656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0557.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.9.22 security update",
"tracking": {
"current_release_date": "2024-09-18T14:40:00+00:00",
"generator": {
"date": "2024-09-18T14:40:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0557",
"initial_release_date": "2022-02-23T12:47:14+00:00",
"revision_history": [
{
"date": "2022-02-23T12:47:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-23T12:47:14+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:40:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.9",
"product": {
"name": "Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.9::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.9",
"product": {
"name": "Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"product": {
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"product_id": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.22.1-17.rhaos4.9.git3029b1d.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src",
"product": {
"name": "openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src",
"product_id": "openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src",
"product": {
"name": "openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src",
"product_id": "openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src",
"product": {
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src",
"product_id": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.9.0-202202140924.p0.g340e212.assembly.stream.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "butane-0:0.13.1-2.rhaos4.9.el8.src",
"product": {
"name": "butane-0:0.13.1-2.rhaos4.9.el8.src",
"product_id": "butane-0:0.13.1-2.rhaos4.9.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/butane@0.13.1-2.rhaos4.9.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"product": {
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"product_id": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.22.1-17.rhaos4.9.git3029b1d.2.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "cri-tools-0:1.22.0-2.el8.src",
"product": {
"name": "cri-tools-0:1.22.0-2.el8.src",
"product_id": "cri-tools-0:1.22.0-2.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.22.0-2.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src",
"product": {
"name": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src",
"product_id": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-promu@0.5.0-5.git642a960.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "ignition-0:2.12.0-3.rhaos4.9.el8.src",
"product": {
"name": "ignition-0:2.12.0-3.rhaos4.9.el8.src",
"product_id": "ignition-0:2.12.0-3.rhaos4.9.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition@2.12.0-3.rhaos4.9.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.9.1644822177-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.9.1644822177-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.9.1644822177-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.9.1644822177-1.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src",
"product": {
"name": "openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src",
"product_id": "openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src",
"product": {
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src",
"product_id": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.9.0-202202140924.p0.g340e212.assembly.stream.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-0:21.12.0-25.el8fdp.src",
"product": {
"name": "ovn21.12-0:21.12.0-25.el8fdp.src",
"product_id": "ovn21.12-0:21.12.0-25.el8fdp.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12@21.12.0-25.el8fdp?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"product": {
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"product_id": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.22.1-17.rhaos4.9.git3029b1d.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"product_id": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.22.1-17.rhaos4.9.git3029b1d.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64",
"product_id": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"product": {
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"product_id": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.9.0-202202140924.p0.g340e212.assembly.stream.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"product_id": "openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.9.0-202202140924.p0.g340e212.assembly.stream.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"product": {
"name": "butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"product_id": "butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/butane@0.13.1-2.rhaos4.9.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"product": {
"name": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"product_id": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/butane-debugsource@0.13.1-2.rhaos4.9.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"product": {
"name": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"product_id": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/butane-debuginfo@0.13.1-2.rhaos4.9.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"product": {
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"product_id": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.22.1-17.rhaos4.9.git3029b1d.2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"product": {
"name": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"product_id": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.22.1-17.rhaos4.9.git3029b1d.2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"product_id": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.22.1-17.rhaos4.9.git3029b1d.2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-0:1.22.0-2.el8.x86_64",
"product": {
"name": "cri-tools-0:1.22.0-2.el8.x86_64",
"product_id": "cri-tools-0:1.22.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.22.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"product": {
"name": "cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"product_id": "cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debugsource@1.22.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"product": {
"name": "cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"product_id": "cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.22.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"product": {
"name": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"product_id": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-promu@0.5.0-5.git642a960.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"product": {
"name": "prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"product_id": "prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-promu@0.5.0-5.git642a960.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"product": {
"name": "ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"product_id": "ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition@2.12.0-3.rhaos4.9.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"product": {
"name": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"product_id": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-validate@2.12.0-3.rhaos4.9.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"product": {
"name": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"product_id": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-debugsource@2.12.0-3.rhaos4.9.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"product": {
"name": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"product_id": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-debuginfo@2.12.0-3.rhaos4.9.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"product": {
"name": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"product_id": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-validate-debuginfo@2.12.0-3.rhaos4.9.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64",
"product_id": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"product": {
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"product_id": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.9.0-202202140924.p0.g340e212.assembly.stream.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"product_id": "openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.9.0-202202140924.p0.g340e212.assembly.stream.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-0:21.12.0-25.el8fdp.x86_64",
"product": {
"name": "ovn21.12-0:21.12.0-25.el8fdp.x86_64",
"product_id": "ovn21.12-0:21.12.0-25.el8fdp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12@21.12.0-25.el8fdp?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-central-0:21.12.0-25.el8fdp.x86_64",
"product": {
"name": "ovn21.12-central-0:21.12.0-25.el8fdp.x86_64",
"product_id": "ovn21.12-central-0:21.12.0-25.el8fdp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-central@21.12.0-25.el8fdp?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-host-0:21.12.0-25.el8fdp.x86_64",
"product": {
"name": "ovn21.12-host-0:21.12.0-25.el8fdp.x86_64",
"product_id": "ovn21.12-host-0:21.12.0-25.el8fdp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-host@21.12.0-25.el8fdp?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64",
"product": {
"name": "ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64",
"product_id": "ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-vtep@21.12.0-25.el8fdp?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64",
"product": {
"name": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64",
"product_id": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-debugsource@21.12.0-25.el8fdp?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"product": {
"name": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"product_id": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-central-debuginfo@21.12.0-25.el8fdp?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"product": {
"name": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"product_id": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-debuginfo@21.12.0-25.el8fdp?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"product": {
"name": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"product_id": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-host-debuginfo@21.12.0-25.el8fdp?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"product": {
"name": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"product_id": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-vtep-debuginfo@21.12.0-25.el8fdp?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"product": {
"name": "openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"product_id": "openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"product": {
"name": "openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"product_id": "openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-test@4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"product": {
"name": "butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"product_id": "butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/butane-redistributable@0.13.1-2.rhaos4.9.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.9.1644822177-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"product": {
"name": "butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"product_id": "butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/butane@0.13.1-2.rhaos4.9.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"product": {
"name": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"product_id": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/butane-debugsource@0.13.1-2.rhaos4.9.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"product": {
"name": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"product_id": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/butane-debuginfo@0.13.1-2.rhaos4.9.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"product": {
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"product_id": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.22.1-17.rhaos4.9.git3029b1d.2.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"product": {
"name": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"product_id": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.22.1-17.rhaos4.9.git3029b1d.2.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"product": {
"name": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"product_id": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.22.1-17.rhaos4.9.git3029b1d.2.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-0:1.22.0-2.el8.aarch64",
"product": {
"name": "cri-tools-0:1.22.0-2.el8.aarch64",
"product_id": "cri-tools-0:1.22.0-2.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.22.0-2.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"product": {
"name": "cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"product_id": "cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debugsource@1.22.0-2.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"product": {
"name": "cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"product_id": "cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.22.0-2.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"product": {
"name": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"product_id": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-promu@0.5.0-5.git642a960.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"product": {
"name": "prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"product_id": "prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-promu@0.5.0-5.git642a960.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"product": {
"name": "ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"product_id": "ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition@2.12.0-3.rhaos4.9.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"product": {
"name": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"product_id": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-validate@2.12.0-3.rhaos4.9.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"product": {
"name": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"product_id": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-debugsource@2.12.0-3.rhaos4.9.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"product": {
"name": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"product_id": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-debuginfo@2.12.0-3.rhaos4.9.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"product": {
"name": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"product_id": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-validate-debuginfo@2.12.0-3.rhaos4.9.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64",
"product": {
"name": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64",
"product_id": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64",
"product": {
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64",
"product_id": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.9.0-202202140924.p0.g340e212.assembly.stream.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-0:21.12.0-25.el8fdp.aarch64",
"product": {
"name": "ovn21.12-0:21.12.0-25.el8fdp.aarch64",
"product_id": "ovn21.12-0:21.12.0-25.el8fdp.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12@21.12.0-25.el8fdp?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-central-0:21.12.0-25.el8fdp.aarch64",
"product": {
"name": "ovn21.12-central-0:21.12.0-25.el8fdp.aarch64",
"product_id": "ovn21.12-central-0:21.12.0-25.el8fdp.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-central@21.12.0-25.el8fdp?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-host-0:21.12.0-25.el8fdp.aarch64",
"product": {
"name": "ovn21.12-host-0:21.12.0-25.el8fdp.aarch64",
"product_id": "ovn21.12-host-0:21.12.0-25.el8fdp.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-host@21.12.0-25.el8fdp?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64",
"product": {
"name": "ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64",
"product_id": "ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-vtep@21.12.0-25.el8fdp?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64",
"product": {
"name": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64",
"product_id": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-debugsource@21.12.0-25.el8fdp?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"product": {
"name": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"product_id": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-central-debuginfo@21.12.0-25.el8fdp?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"product": {
"name": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"product_id": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-debuginfo@21.12.0-25.el8fdp?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"product": {
"name": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"product_id": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-host-debuginfo@21.12.0-25.el8fdp?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"product": {
"name": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"product_id": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-vtep-debuginfo@21.12.0-25.el8fdp?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"product": {
"name": "butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"product_id": "butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/butane@0.13.1-2.rhaos4.9.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"product": {
"name": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"product_id": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/butane-debugsource@0.13.1-2.rhaos4.9.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"product": {
"name": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"product_id": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/butane-debuginfo@0.13.1-2.rhaos4.9.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"product": {
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"product_id": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.22.1-17.rhaos4.9.git3029b1d.2.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"product": {
"name": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"product_id": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.22.1-17.rhaos4.9.git3029b1d.2.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"product": {
"name": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"product_id": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.22.1-17.rhaos4.9.git3029b1d.2.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-tools-0:1.22.0-2.el8.ppc64le",
"product": {
"name": "cri-tools-0:1.22.0-2.el8.ppc64le",
"product_id": "cri-tools-0:1.22.0-2.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.22.0-2.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"product": {
"name": "cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"product_id": "cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debugsource@1.22.0-2.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"product": {
"name": "cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"product_id": "cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.22.0-2.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"product": {
"name": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"product_id": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-promu@0.5.0-5.git642a960.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"product": {
"name": "prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"product_id": "prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-promu@0.5.0-5.git642a960.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"product": {
"name": "ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"product_id": "ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition@2.12.0-3.rhaos4.9.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"product": {
"name": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"product_id": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-validate@2.12.0-3.rhaos4.9.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"product": {
"name": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"product_id": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-debugsource@2.12.0-3.rhaos4.9.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"product": {
"name": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"product_id": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-debuginfo@2.12.0-3.rhaos4.9.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"product": {
"name": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"product_id": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-validate-debuginfo@2.12.0-3.rhaos4.9.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le",
"product": {
"name": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le",
"product_id": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le",
"product": {
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le",
"product_id": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.9.0-202202140924.p0.g340e212.assembly.stream.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-0:21.12.0-25.el8fdp.ppc64le",
"product": {
"name": "ovn21.12-0:21.12.0-25.el8fdp.ppc64le",
"product_id": "ovn21.12-0:21.12.0-25.el8fdp.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12@21.12.0-25.el8fdp?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le",
"product": {
"name": "ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le",
"product_id": "ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-central@21.12.0-25.el8fdp?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le",
"product": {
"name": "ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le",
"product_id": "ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-host@21.12.0-25.el8fdp?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le",
"product": {
"name": "ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le",
"product_id": "ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-vtep@21.12.0-25.el8fdp?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le",
"product": {
"name": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le",
"product_id": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-debugsource@21.12.0-25.el8fdp?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"product": {
"name": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"product_id": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-central-debuginfo@21.12.0-25.el8fdp?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"product": {
"name": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"product_id": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-debuginfo@21.12.0-25.el8fdp?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"product": {
"name": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"product_id": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-host-debuginfo@21.12.0-25.el8fdp?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"product": {
"name": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"product_id": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-vtep-debuginfo@21.12.0-25.el8fdp?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"product": {
"name": "butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"product_id": "butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/butane@0.13.1-2.rhaos4.9.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"product": {
"name": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"product_id": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/butane-debugsource@0.13.1-2.rhaos4.9.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"product": {
"name": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"product_id": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/butane-debuginfo@0.13.1-2.rhaos4.9.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"product": {
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"product_id": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.22.1-17.rhaos4.9.git3029b1d.2.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"product": {
"name": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"product_id": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.22.1-17.rhaos4.9.git3029b1d.2.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"product": {
"name": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"product_id": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.22.1-17.rhaos4.9.git3029b1d.2.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-tools-0:1.22.0-2.el8.s390x",
"product": {
"name": "cri-tools-0:1.22.0-2.el8.s390x",
"product_id": "cri-tools-0:1.22.0-2.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.22.0-2.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"product": {
"name": "cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"product_id": "cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debugsource@1.22.0-2.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"product": {
"name": "cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"product_id": "cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.22.0-2.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"product": {
"name": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"product_id": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-promu@0.5.0-5.git642a960.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"product": {
"name": "prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"product_id": "prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-promu@0.5.0-5.git642a960.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"product": {
"name": "ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"product_id": "ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition@2.12.0-3.rhaos4.9.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"product": {
"name": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"product_id": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-validate@2.12.0-3.rhaos4.9.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"product": {
"name": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"product_id": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-debugsource@2.12.0-3.rhaos4.9.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"product": {
"name": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"product_id": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-debuginfo@2.12.0-3.rhaos4.9.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"product": {
"name": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"product_id": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-validate-debuginfo@2.12.0-3.rhaos4.9.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x",
"product": {
"name": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x",
"product_id": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x",
"product": {
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x",
"product_id": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.9.0-202202140924.p0.g340e212.assembly.stream.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-0:21.12.0-25.el8fdp.s390x",
"product": {
"name": "ovn21.12-0:21.12.0-25.el8fdp.s390x",
"product_id": "ovn21.12-0:21.12.0-25.el8fdp.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12@21.12.0-25.el8fdp?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-central-0:21.12.0-25.el8fdp.s390x",
"product": {
"name": "ovn21.12-central-0:21.12.0-25.el8fdp.s390x",
"product_id": "ovn21.12-central-0:21.12.0-25.el8fdp.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-central@21.12.0-25.el8fdp?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-host-0:21.12.0-25.el8fdp.s390x",
"product": {
"name": "ovn21.12-host-0:21.12.0-25.el8fdp.s390x",
"product_id": "ovn21.12-host-0:21.12.0-25.el8fdp.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-host@21.12.0-25.el8fdp?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x",
"product": {
"name": "ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x",
"product_id": "ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-vtep@21.12.0-25.el8fdp?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x",
"product": {
"name": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x",
"product_id": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-debugsource@21.12.0-25.el8fdp?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x",
"product": {
"name": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x",
"product_id": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-central-debuginfo@21.12.0-25.el8fdp?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x",
"product": {
"name": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x",
"product_id": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-debuginfo@21.12.0-25.el8fdp?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x",
"product": {
"name": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x",
"product_id": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-host-debuginfo@21.12.0-25.el8fdp?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x",
"product": {
"name": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x",
"product_id": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn21.12-vtep-debuginfo@21.12.0-25.el8fdp?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src"
},
"product_reference": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64"
},
"product_reference": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src"
},
"product_reference": "openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch"
},
"product_reference": "openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src"
},
"product_reference": "openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9:openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch"
},
"product_reference": "openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src"
},
"product_reference": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64"
},
"product_reference": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "butane-0:0.13.1-2.rhaos4.9.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.aarch64"
},
"product_reference": "butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "butane-0:0.13.1-2.rhaos4.9.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.ppc64le"
},
"product_reference": "butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "butane-0:0.13.1-2.rhaos4.9.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.s390x"
},
"product_reference": "butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "butane-0:0.13.1-2.rhaos4.9.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.src"
},
"product_reference": "butane-0:0.13.1-2.rhaos4.9.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "butane-0:0.13.1-2.rhaos4.9.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.x86_64"
},
"product_reference": "butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64"
},
"product_reference": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le"
},
"product_reference": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x"
},
"product_reference": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64"
},
"product_reference": "butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64"
},
"product_reference": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le"
},
"product_reference": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x"
},
"product_reference": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64"
},
"product_reference": "butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch"
},
"product_reference": "butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64"
},
"product_reference": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le"
},
"product_reference": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x"
},
"product_reference": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src"
},
"product_reference": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64"
},
"product_reference": "cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64"
},
"product_reference": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le"
},
"product_reference": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x"
},
"product_reference": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64"
},
"product_reference": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le"
},
"product_reference": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x"
},
"product_reference": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64"
},
"product_reference": "cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.22.0-2.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.aarch64"
},
"product_reference": "cri-tools-0:1.22.0-2.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.22.0-2.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.ppc64le"
},
"product_reference": "cri-tools-0:1.22.0-2.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.22.0-2.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.s390x"
},
"product_reference": "cri-tools-0:1.22.0-2.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.22.0-2.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.src"
},
"product_reference": "cri-tools-0:1.22.0-2.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.22.0-2.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.x86_64"
},
"product_reference": "cri-tools-0:1.22.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debuginfo-0:1.22.0-2.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.aarch64"
},
"product_reference": "cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le"
},
"product_reference": "cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debuginfo-0:1.22.0-2.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.s390x"
},
"product_reference": "cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debuginfo-0:1.22.0-2.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.x86_64"
},
"product_reference": "cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debugsource-0:1.22.0-2.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.aarch64"
},
"product_reference": "cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debugsource-0:1.22.0-2.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.ppc64le"
},
"product_reference": "cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debugsource-0:1.22.0-2.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.s390x"
},
"product_reference": "cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debugsource-0:1.22.0-2.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.x86_64"
},
"product_reference": "cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64"
},
"product_reference": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le"
},
"product_reference": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x"
},
"product_reference": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src"
},
"product_reference": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64"
},
"product_reference": "golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-0:2.12.0-3.rhaos4.9.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.aarch64"
},
"product_reference": "ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le"
},
"product_reference": "ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-0:2.12.0-3.rhaos4.9.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.s390x"
},
"product_reference": "ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-0:2.12.0-3.rhaos4.9.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.src"
},
"product_reference": "ignition-0:2.12.0-3.rhaos4.9.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-0:2.12.0-3.rhaos4.9.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.x86_64"
},
"product_reference": "ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64"
},
"product_reference": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le"
},
"product_reference": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x"
},
"product_reference": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64"
},
"product_reference": "ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64"
},
"product_reference": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le"
},
"product_reference": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x"
},
"product_reference": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64"
},
"product_reference": "ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64"
},
"product_reference": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le"
},
"product_reference": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x"
},
"product_reference": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64"
},
"product_reference": "ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64"
},
"product_reference": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le"
},
"product_reference": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x"
},
"product_reference": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64"
},
"product_reference": "ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.9.1644822177-1.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.9.1644822177-1.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src"
},
"product_reference": "openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64"
},
"product_reference": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le"
},
"product_reference": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x"
},
"product_reference": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src"
},
"product_reference": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64"
},
"product_reference": "openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64"
},
"product_reference": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le"
},
"product_reference": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x"
},
"product_reference": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-0:21.12.0-25.el8fdp.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.aarch64"
},
"product_reference": "ovn21.12-0:21.12.0-25.el8fdp.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-0:21.12.0-25.el8fdp.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.ppc64le"
},
"product_reference": "ovn21.12-0:21.12.0-25.el8fdp.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-0:21.12.0-25.el8fdp.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.s390x"
},
"product_reference": "ovn21.12-0:21.12.0-25.el8fdp.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-0:21.12.0-25.el8fdp.src as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.src"
},
"product_reference": "ovn21.12-0:21.12.0-25.el8fdp.src",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-0:21.12.0-25.el8fdp.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.x86_64"
},
"product_reference": "ovn21.12-0:21.12.0-25.el8fdp.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-central-0:21.12.0-25.el8fdp.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.aarch64"
},
"product_reference": "ovn21.12-central-0:21.12.0-25.el8fdp.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le"
},
"product_reference": "ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-central-0:21.12.0-25.el8fdp.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.s390x"
},
"product_reference": "ovn21.12-central-0:21.12.0-25.el8fdp.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-central-0:21.12.0-25.el8fdp.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.x86_64"
},
"product_reference": "ovn21.12-central-0:21.12.0-25.el8fdp.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64"
},
"product_reference": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le"
},
"product_reference": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x"
},
"product_reference": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64"
},
"product_reference": "ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64"
},
"product_reference": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le"
},
"product_reference": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x"
},
"product_reference": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64"
},
"product_reference": "ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64"
},
"product_reference": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le"
},
"product_reference": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x"
},
"product_reference": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64"
},
"product_reference": "ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-host-0:21.12.0-25.el8fdp.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.aarch64"
},
"product_reference": "ovn21.12-host-0:21.12.0-25.el8fdp.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le"
},
"product_reference": "ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-host-0:21.12.0-25.el8fdp.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.s390x"
},
"product_reference": "ovn21.12-host-0:21.12.0-25.el8fdp.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-host-0:21.12.0-25.el8fdp.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.x86_64"
},
"product_reference": "ovn21.12-host-0:21.12.0-25.el8fdp.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64"
},
"product_reference": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le"
},
"product_reference": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x"
},
"product_reference": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64"
},
"product_reference": "ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64"
},
"product_reference": "ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le"
},
"product_reference": "ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x"
},
"product_reference": "ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64"
},
"product_reference": "ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64"
},
"product_reference": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le"
},
"product_reference": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x"
},
"product_reference": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64"
},
"product_reference": "ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64"
},
"product_reference": "prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le"
},
"product_reference": "prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-promu-0:0.5.0-5.git642a960.el8.s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.s390x"
},
"product_reference": "prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64"
},
"product_reference": "prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.src",
"8Base-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.src",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.src",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.src",
"8Base-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.src",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html",
"product_ids": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.src",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0557"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.src",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.src",
"8Base-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.src",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.src",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-36221",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-08-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.src",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.src",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995656"
}
],
"notes": [
{
"category": "description",
"text": "A race condition flaw was found in Go. The incoming requests body weren\u0027t closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the impacted RHOSP packages.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF1.3, no update will be provided at this time for the STF1.3 sg-core-container. Additionally, because Service Telemetry Framework1.2 will be retiring soon, no update will be provided at this time for the STF1.2 smart-gateway-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.src",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.src",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.src",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36221"
},
{
"category": "external",
"summary": "RHBZ#1995656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk",
"url": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html",
"product_ids": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.src",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0557"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.src",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.src",
"8Base-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.src",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.src",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic"
},
{
"cve": "CVE-2021-44716",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.src",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.src",
"8Base-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.src",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030801"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s an uncontrolled resource consumption flaw in golang\u0027s net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http\u0027s http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: limit growth of header canonicalization cache",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Container Platform, OpenShift Virtualization, Red Hat Quay and OpenShift distributed tracing the most an attacker can possibly achieve by exploiting this vulnerability is to crash a container, temporarily impacting availability of one or more services. Therefore impact is rated Moderate.\n\nIn its default configuration, grafana as shipped in Red Hat Enterprise Linux 8 is not affected by this vulnerability. However, enabling http2 in /etc/grafana/grafana.ini explicitly would render grafana affected, therefore grafana has been marked affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.src",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.src",
"8Base-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.src",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44716"
},
{
"category": "external",
"summary": "RHBZ#2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0557"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling HTTP/2. Setting the GODEBUG=http2server=0 environment variable before calling Serve will disable HTTP/2 unless it was manually configured through the golang.org/x/net/http2 package.",
"product_ids": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.src",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.src",
"8Base-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.src",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: limit growth of header canonicalization cache"
},
{
"cve": "CVE-2021-44717",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.src",
"8Base-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.src",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030806"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a flaw in golang\u0027s syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: syscall: don\u0027t close fd 0 on ForkExec error",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This flaw has had the severity level set to Moderate due to the attack complexity required to exhaust file descriptors at the time ForkExec is called, plus an attacker does not necessarily have direct control over where/how data is leaked.\n\n* For Service Telemetry Framework, because the flaw\u0027s impact is lower, no update will be provided at this time for its containers.\n\n* runc shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this flaw because the flaw is already patched in the shipped versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.src",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.src",
"8Base-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.src",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44717"
},
{
"category": "external",
"summary": "RHBZ#2030806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.src",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0557"
},
{
"category": "workaround",
"details": "This bug can be mitigated by raising the per-process file descriptor limit.",
"product_ids": [
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.src",
"7Server-RH7-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-ansible-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-ansible-test-0:4.9.0-202202111950.p0.g4d833d3.assembly.stream.el7.noarch",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.src",
"7Server-RH7-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el7.x86_64",
"7Server-RH7-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el7.x86_64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.src",
"8Base-RHOSE-4.9:cri-o-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debuginfo-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.aarch64",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.s390x",
"8Base-RHOSE-4.9:cri-o-debugsource-0:1.22.1-17.rhaos4.9.git3029b1d.2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.src",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.src",
"8Base-RHOSE-4.9:golang-github-prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.noarch",
"8Base-RHOSE-4.9:jenkins-2-plugins-0:4.9.1644822177-1.el8.src",
"8Base-RHOSE-4.9:openshift-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.src",
"8Base-RHOSE-4.9:openshift-clients-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-clients-redistributable-0:4.9.0-202202140924.p0.g340e212.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.s390x",
"8Base-RHOSE-4.9:openshift-hyperkube-0:4.9.0-202202111950.p0.gb93fd35.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.src",
"8Base-RHOSE-4.9:ovn21.12-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-central-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-debugsource-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-host-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.aarch64",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.ppc64le",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.s390x",
"8Base-RHOSE-4.9:ovn21.12-vtep-debuginfo-0:21.12.0-25.el8fdp.x86_64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.aarch64",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.ppc64le",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.s390x",
"8Base-RHOSE-4.9:prometheus-promu-0:0.5.0-5.git642a960.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:butane-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debuginfo-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:butane-debugsource-0:0.13.1-2.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:butane-redistributable-0:0.13.1-2.rhaos4.9.el8.noarch",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.src",
"8Base-RHOSE-4.9:cri-tools-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debuginfo-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.aarch64",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.ppc64le",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.s390x",
"8Base-RHOSE-4.9:cri-tools-debugsource-0:1.22.0-2.el8.x86_64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.src",
"8Base-RHOSE-4.9:ignition-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-debugsource-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-0:2.12.0-3.rhaos4.9.el8.x86_64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.aarch64",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.ppc64le",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.s390x",
"8Base-RHOSE-4.9:ignition-validate-debuginfo-0:2.12.0-3.rhaos4.9.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: syscall: don\u0027t close fd 0 on ForkExec error"
}
]
}
rhsa-2021_4902
Vulnerability from csaf_redhat
Published
2021-12-01 17:22
Modified
2024-09-18 14:40
Summary
Red Hat Security Advisory: ACS 3.67 security and enhancement update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security for
Kubernetes (RHACS).
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The release of RHACS 3.67 provides the following new features, bug fixes, security patches and system changes:
OpenShift Dedicated support
RHACS 3.67 is thoroughly tested and supported on OpenShift Dedicated on Amazon Web Services and Google Cloud Platform.
1. Use OpenShift OAuth server as an identity provider
If you are using RHACS with OpenShift, you can now configure the built-in OpenShift OAuth server as an identity provider for RHACS.
2. Enhancements for CI outputs
Red Hat has improved the usability of RHACS CI integrations. CI outputs now show additional detailed information about the vulnerabilities and the security policies responsible for broken builds.
3. Runtime Class policy criteria
Users can now use RHACS to define the container runtime configuration that may be used to run a pod’s containers using the Runtime Class policy criteria.
Security Fix(es):
* civetweb: directory traversal when using the built-in example HTTP form-based file upload mechanism via the mg_handle_form_request API (CVE-2020-27304)
* nodejs-axios: Regular expression denial of service in trim function (CVE-2021-3749)
* nodejs-prismjs: ReDoS vulnerability (CVE-2021-3801)
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* helm: information disclosure vulnerability (CVE-2021-32690)
* golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)
* nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe (CVE-2021-23343)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fixes
The release of RHACS 3.67 includes the following bug fixes:
1. Previously, when using RHACS with the Compliance Operator integration, RHACS did not respect or populate Compliance Operator TailoredProfiles. This has been fixed.
2. Previously, the Alpine Linux package manager (APK) in Image policy looked for the presence of apk package in the image rather than the apk-tools package. This issue has been fixed.
System changes
The release of RHACS 3.67 includes the following system changes:
1. Scanner now identifies vulnerabilities in Ubuntu 21.10 images.
2. The Port exposure method policy criteria now include route as an exposure method.
3. The OpenShift: Kubeadmin Secret Accessed security policy now allows the OpenShift Compliance Operator to check for the existence of the Kubeadmin secret without creating a violation.
4. The OpenShift Compliance Operator integration now supports using TailoredProfiles.
5. The RHACS Jenkins plugin now provides additional security information.
6. When you enable the environment variable ROX_NETWORK_ACCESS_LOG for Central, the logs contain the Request URI and X-Forwarded-For header values.
7. The default uid:gid pair for the Scanner image is now 65534:65534.
8. RHACS adds a new default Scope Manager role that includes minimum permissions to create and modify access scopes.
9. If microdnf is part of an image or shows up in process execution, RHACS reports it as a security violation for the Red Hat Package Manager in Image or the Red Hat Package Manager Execution security policies.
10. In addition to manually uploading vulnerability definitions in offline mode, you can now upload definitions in online mode.
11. You can now format the output of the following roxctl CLI commands in table, csv, or JSON format: image scan, image check & deployment check
12. You can now use a regular expression for the deployment name while specifying policy exclusions
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security for\nKubernetes (RHACS).\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The release of RHACS 3.67 provides the following new features, bug fixes, security patches and system changes:\n\nOpenShift Dedicated support\n\nRHACS 3.67 is thoroughly tested and supported on OpenShift Dedicated on Amazon Web Services and Google Cloud Platform.\n\n1. Use OpenShift OAuth server as an identity provider\nIf you are using RHACS with OpenShift, you can now configure the built-in OpenShift OAuth server as an identity provider for RHACS. \n\n2. Enhancements for CI outputs\nRed Hat has improved the usability of RHACS CI integrations. CI outputs now show additional detailed information about the vulnerabilities and the security policies responsible for broken builds.\n\n3. Runtime Class policy criteria\nUsers can now use RHACS to define the container runtime configuration that may be used to run a pod\u2019s containers using the Runtime Class policy criteria.\n\nSecurity Fix(es):\n\n* civetweb: directory traversal when using the built-in example HTTP form-based file upload mechanism via the mg_handle_form_request API (CVE-2020-27304)\n\n* nodejs-axios: Regular expression denial of service in trim function (CVE-2021-3749)\n\n* nodejs-prismjs: ReDoS vulnerability (CVE-2021-3801)\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* helm: information disclosure vulnerability (CVE-2021-32690)\n\n* golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)\n\n* nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe (CVE-2021-23343)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fixes\nThe release of RHACS 3.67 includes the following bug fixes:\n\n1. Previously, when using RHACS with the Compliance Operator integration, RHACS did not respect or populate Compliance Operator TailoredProfiles. This has been fixed.\n\n2. Previously, the Alpine Linux package manager (APK) in Image policy looked for the presence of apk package in the image rather than the apk-tools package. This issue has been fixed.\n\nSystem changes\nThe release of RHACS 3.67 includes the following system changes:\n\n1. Scanner now identifies vulnerabilities in Ubuntu 21.10 images.\n2. The Port exposure method policy criteria now include route as an exposure method.\n3. The OpenShift: Kubeadmin Secret Accessed security policy now allows the OpenShift Compliance Operator to check for the existence of the Kubeadmin secret without creating a violation.\n4. The OpenShift Compliance Operator integration now supports using TailoredProfiles.\n5. The RHACS Jenkins plugin now provides additional security information.\n6. When you enable the environment variable ROX_NETWORK_ACCESS_LOG for Central, the logs contain the Request URI and X-Forwarded-For header values.\n7. The default uid:gid pair for the Scanner image is now 65534:65534.\n8. RHACS adds a new default Scope Manager role that includes minimum permissions to create and modify access scopes.\n9. If microdnf is part of an image or shows up in process execution, RHACS reports it as a security violation for the Red Hat Package Manager in Image or the Red Hat Package Manager Execution security policies.\n10. In addition to manually uploading vulnerability definitions in offline mode, you can now upload definitions in online mode. \n11. You can now format the output of the following roxctl CLI commands in table, csv, or JSON format: image scan, image check \u0026 deployment check\n12. You can now use a regular expression for the deployment name while specifying policy exclusions",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:4902",
"url": "https://access.redhat.com/errata/RHSA-2021:4902"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1956818",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956818"
},
{
"category": "external",
"summary": "1978144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1978144"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "1999784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999784"
},
{
"category": "external",
"summary": "2005445",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005445"
},
{
"category": "external",
"summary": "2006044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006044"
},
{
"category": "external",
"summary": "2016640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2016640"
},
{
"category": "external",
"summary": "ROX-9371",
"url": "https://issues.redhat.com/browse/ROX-9371"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_4902.json"
}
],
"title": "Red Hat Security Advisory: ACS 3.67 security and enhancement update",
"tracking": {
"current_release_date": "2024-09-18T14:40:01+00:00",
"generator": {
"date": "2024-09-18T14:40:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:4902",
"initial_release_date": "2021-12-01T17:22:46+00:00",
"revision_history": [
{
"date": "2021-12-01T17:22:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-12-01T17:22:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:40:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 3.67 for RHEL 8",
"product": {
"name": "RHACS 3.67 for RHEL 8",
"product_id": "8Base-RHACS-3.67",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:3.67::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=3.67.0-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=3.67.0-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64 as a component of RHACS 3.67 for RHEL 8",
"product_id": "8Base-RHACS-3.67:advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64",
"relates_to_product_reference": "8Base-RHACS-3.67"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64 as a component of RHACS 3.67 for RHEL 8",
"product_id": "8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64",
"relates_to_product_reference": "8Base-RHACS-3.67"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-27304",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-10-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2016640"
}
],
"notes": [
{
"category": "description",
"text": "A remote code execution vulnerability was found in CivetWeb (embeddable web server/library). Due to a directory traversal issue, an attacker is able to add or overwrite files that are subsequently executed which lead to impact to confidentiality, integrity, and availability of the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "civetweb: directory traversal when using the built-in example HTTP form-based file upload mechanism via the mg_handle_form_request API",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only impacts CivetWeb-based web applications that use the built-in file upload form handler (full working example in the \u201cembedded_c\u201d example in the CivetWeb sources).\n\nRed Hat Advanced Cluster Security includes code from CivetWeb in the Collector component, however it does not use the file upload form handler, hence is not impacted by this vulnerability. This vulnerability is rated Low for Red Hat Advanced Cluster Security.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
],
"known_not_affected": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27304"
},
{
"category": "external",
"summary": "RHBZ#2016640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2016640"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27304",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27304"
},
{
"category": "external",
"summary": "https://groups.google.com/g/civetweb/c/yPBxNXdGgJQ",
"url": "https://groups.google.com/g/civetweb/c/yPBxNXdGgJQ"
},
{
"category": "external",
"summary": "https://jfrog.com/blog/cve-2020-27304-rce-via-directory-traversal-in-civetweb-http-server/",
"url": "https://jfrog.com/blog/cve-2020-27304-rce-via-directory-traversal-in-civetweb-http-server/"
}
],
"release_date": "2021-10-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "To take advantage of these new features, fixes and changes, please upgrade Red Hat Advanced Cluster Security for Kubernetes to version 3.67.",
"product_ids": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4902"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "civetweb: directory traversal when using the built-in example HTTP form-based file upload mechanism via the mg_handle_form_request API"
},
{
"cve": "CVE-2021-3749",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-08-31T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1999784"
}
],
"notes": [
{
"category": "description",
"text": "A Regular Expression Denial of Service (ReDoS) vulnerability was found in the nodejs axios. This flaw allows an attacker to provide crafted input to the trim function, which might cause high resources consumption and as a consequence lead to denial of service. The highest threat from this vulnerability is system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-axios: Regular expression denial of service in trim function",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* OpenShift Container Platform (OCP) grafana-container does package a vulnerable version of nodejs axios. However, due to the instance being read only and behind OpenShift OAuth, the impact of this vulnerability is Low.\n\n* Red Hat Advanced Cluster Management for Kubernetes (RHACM) 2.1 and previous versions does contain a vulnerable version of nodejs axios, RHACM 2.2 on towards are not affected versions. For RHACM 2.1, due to the instance being read only and behind OAuth, the impact of this vulnerability is Low.\n\n* Because Service Telemetry Framework 1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF\u0027s service-telemetry-operator-container and smart-gateway-operator-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
],
"known_not_affected": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3749"
},
{
"category": "external",
"summary": "RHBZ#1999784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999784"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3749",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3749"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/5b457116e31db0e88fede6c428e969e87f290929",
"url": "https://github.com/axios/axios/commit/5b457116e31db0e88fede6c428e969e87f290929"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/1e8f07fc-c384-4ff9-8498-0690de2e8c31",
"url": "https://huntr.dev/bounties/1e8f07fc-c384-4ff9-8498-0690de2e8c31"
}
],
"release_date": "2021-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "To take advantage of these new features, fixes and changes, please upgrade Red Hat Advanced Cluster Security for Kubernetes to version 3.67.",
"product_ids": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4902"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-axios: Regular expression denial of service in trim function"
},
{
"cve": "CVE-2021-3801",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2005445"
}
],
"notes": [
{
"category": "description",
"text": "Insufficient Regular Expression Complexity in prismjs leads to a Regular Expression Denial of Service (ReDoS) attack. An unauthenticated attacker can exploit this flaw to cause an application to consume an excess amount of CPU by providing a crafted HTML comment as input. This can result in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-prismjs: ReDoS vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) grafana-container does package a vulnerable verison of prismjs. However due to the instance being read only and behind OpenShift OAuth, it has been given a Low impact. Additionally it has been marked as wont-fix at this time and may be fixed in a future release.\n\nJust as OCP, OpenShift ServiceMesh (OSSM) components are behind OpenShift OAuth what reducing impact to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
],
"known_not_affected": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3801"
},
{
"category": "external",
"summary": "RHBZ#2005445",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005445"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3801",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3801"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3801",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3801"
}
],
"release_date": "2021-09-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "To take advantage of these new features, fixes and changes, please upgrade Red Hat Advanced Cluster Security for Kubernetes to version 3.67.",
"product_ids": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4902"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-prismjs: ReDoS vulnerability"
},
{
"cve": "CVE-2021-23343",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-05-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1956818"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Had Quay , whilst a vulnerable version of `path-parse` is included in the quay-rhel8 container it is a development dependency only, hence the impact by this vulnerability is low.\n\nIn OpenShift Container Platform (OCP), the hadoop component which is a part of the OCP metering stack, ships the vulnerable version of \u0027path-parse\u0027.\nSince the release of OCP 4.6, the metering product has been deprecated [1], hence the affected component is marked as wontfix.\nThis may be fixed in the future.\n\nIn Red Hat OpenShift Container Storage 4 the noobaa-core container includes the affected version of `path-parse`, however the vulnerable functionality is currently not used in any part of the product.\n\nIn Red Hat Virtualization cockpit-ovirt, ovirt-engine-ui-extensions and ovirt-web-ui use vulnerable version of `path-parse`, however for cockpit-ovirt it is a development time dependency only, and for ovirt-engine-ui-extensions and ovirt-web-ui the vulnerable functions are never used.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
],
"known_not_affected": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23343"
},
{
"category": "external",
"summary": "RHBZ#1956818",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956818"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23343"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23343",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23343"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067",
"url": "https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067"
}
],
"release_date": "2021-05-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "To take advantage of these new features, fixes and changes, please upgrade Red Hat Advanced Cluster Security for Kubernetes to version 3.67.",
"product_ids": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4902"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe"
},
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
],
"known_not_affected": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "To take advantage of these new features, fixes and changes, please upgrade Red Hat Advanced Cluster Security for Kubernetes to version 3.67.",
"product_ids": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4902"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64",
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-32690",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1978144"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Helm, which could allow credentials associated with one Helm repository to be leaked to another repository referenced by the first one. In order to exploit this vulnerability, an attacker would need to control a repository trusted by the configuration of the target Helm instance.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "helm: information disclosure vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Advanced Cluster Management for Kubernetes:\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are using helm chart provided by the installer, so components are not using untrusted charts except in the application-lifecycle area. For this reason we marked the impact as low. For RHACM, the credentials could be leaked only when a helm chart is stored in a domain other than the helm repository itself. In practice, this rarely happens as the chart is stored in the same helm repository. For example, this chart in the helm repo https://charts.helm.sh/stable/index.yaml references only charts stored in the same domain (charts.heml.sh). From version, 2.2 onwards, multicloud-operators-placementrule and multicloud-operators-deployable do not use helm at all.\n\nOpenShift Developer Tools and Services:\n\nThe OpenShift Helm team has analyzed this CVE and we have come to the conclusion that this only affects OpenShift Helm customers that use the CLI to install and update charts. It does not affect customers that use the OpenShift Console to install and update charts. To mitigate this issue, customers can refresh their Helm cli by following the Red Had official Helm install guide here: https://docs.openshift.com/container-platform/4.7/cli_reference/helm_cli/getting-started-with-helm-on-openshift-container-platform.html#installing-helm_getting-started-with-helm-on-openshift. The mirror (https://mirror.openshift.com/pub/openshift-v4/clients/helm/latest/) have already been updated with helm 3.6.2 which contains the fix for this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
],
"known_not_affected": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-32690"
},
{
"category": "external",
"summary": "RHBZ#1978144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1978144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-32690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32690"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-32690",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32690"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/security/advisories/GHSA-56hp-xqp3-w2jf",
"url": "https://github.com/helm/helm/security/advisories/GHSA-56hp-xqp3-w2jf"
}
],
"release_date": "2021-06-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "To take advantage of these new features, fixes and changes, please upgrade Red Hat Advanced Cluster Security for Kubernetes to version 3.67.",
"product_ids": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4902"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "helm: information disclosure vulnerability"
},
{
"cve": "CVE-2021-39293",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2006044"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. An attacker capable of submitting a crafted ZIP file to a Go application using archive/zip to process that file could cause a denial of service via memory exhaustion or panic. This particular flaw is an incomplete fix for a previous flaw.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In OpenShift Container Platform, multiple components are written in Go and use archive/zip from the standard library. However, all such components are short lived client side tools, not long lived server side executables. As the maximum impact of this vulnerability is a denial of service in client utilities, this vulnerability is rated Low for OpenShift Container Platform.\n\n* This flaw is out of support scope for Red Hat Enterprise Linux 7. For more information about Red Hat Enterprise Linux support scope, please see https://access.redhat.com/support/policy/updates/errata\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s smart-gateway-container and sg-core-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
],
"known_not_affected": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-operator-bundle@sha256:9629a16f4009d48e580bc389d632a43c698ffd53c74364293fcf035a4c944382_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-39293"
},
{
"category": "external",
"summary": "RHBZ#2006044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006044"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw",
"url": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw"
}
],
"release_date": "2021-08-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "To take advantage of these new features, fixes and changes, please upgrade Red Hat Advanced Cluster Security for Kubernetes to version 3.67.",
"product_ids": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4902"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-3.67:advanced-cluster-security/rhacs-rhel8-operator@sha256:bf785fa6b8f22a473d1cc58aa9877f41f1161fef360883fee385c4ae421840e2_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)"
}
]
}
rhsa-2022_0947
Vulnerability from csaf_redhat
Published
2022-03-16 15:45
Modified
2024-09-18 14:40
Summary
Red Hat Security Advisory: OpenShift Virtualization 4.10.0 Images security and bug fix update
Notes
Topic
Red Hat OpenShift Virtualization release 4.10.0 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains the following OpenShift Virtualization 4.10.0 images:
RHEL-8-CNV-4.10
==============
kubevirt-velero-plugin-container-v4.10.0-8
virtio-win-container-v4.10.0-10
kubevirt-template-validator-container-v4.10.0-16
hostpath-csi-driver-container-v4.10.0-32
hostpath-provisioner-container-v4.10.0-32
hostpath-provisioner-operator-container-v4.10.0-62
cnv-must-gather-container-v4.10.0-110
virt-cdi-controller-container-v4.10.0-90
virt-cdi-apiserver-container-v4.10.0-90
virt-cdi-uploadserver-container-v4.10.0-90
virt-cdi-uploadproxy-container-v4.10.0-90
virt-cdi-operator-container-v4.10.0-90
virt-cdi-cloner-container-v4.10.0-90
virt-cdi-importer-container-v4.10.0-90
kubevirt-ssp-operator-container-v4.10.0-50
virt-api-container-v4.10.0-217
hyperconverged-cluster-webhook-container-v4.10.0-133
libguestfs-tools-container-v4.10.0-217
virt-handler-container-v4.10.0-217
virt-launcher-container-v4.10.0-217
virt-artifacts-server-container-v4.10.0-217
virt-controller-container-v4.10.0-217
node-maintenance-operator-container-v4.10.0-48
hyperconverged-cluster-operator-container-v4.10.0-133
virt-operator-container-v4.10.0-217
cnv-containernetworking-plugins-container-v4.10.0-49
kubemacpool-container-v4.10.0-49
bridge-marker-container-v4.10.0-49
ovs-cni-marker-container-v4.10.0-49
ovs-cni-plugin-container-v4.10.0-49
kubernetes-nmstate-handler-container-v4.10.0-49
cluster-network-addons-operator-container-v4.10.0-49
hco-bundle-registry-container-v4.10.0-696
Security Fix(es):
* golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* golang: net: lookup functions may return invalid host names (CVE-2021-33195)
* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)
* golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198)
* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)
* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)
* golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release 4.10.0 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 4.10.0 images:\n\nRHEL-8-CNV-4.10\n\n==============\n\nkubevirt-velero-plugin-container-v4.10.0-8\nvirtio-win-container-v4.10.0-10\nkubevirt-template-validator-container-v4.10.0-16\nhostpath-csi-driver-container-v4.10.0-32\nhostpath-provisioner-container-v4.10.0-32\nhostpath-provisioner-operator-container-v4.10.0-62\ncnv-must-gather-container-v4.10.0-110\nvirt-cdi-controller-container-v4.10.0-90\nvirt-cdi-apiserver-container-v4.10.0-90\nvirt-cdi-uploadserver-container-v4.10.0-90\nvirt-cdi-uploadproxy-container-v4.10.0-90\nvirt-cdi-operator-container-v4.10.0-90\nvirt-cdi-cloner-container-v4.10.0-90\nvirt-cdi-importer-container-v4.10.0-90\nkubevirt-ssp-operator-container-v4.10.0-50\nvirt-api-container-v4.10.0-217\nhyperconverged-cluster-webhook-container-v4.10.0-133\nlibguestfs-tools-container-v4.10.0-217\nvirt-handler-container-v4.10.0-217\nvirt-launcher-container-v4.10.0-217\nvirt-artifacts-server-container-v4.10.0-217\nvirt-controller-container-v4.10.0-217\nnode-maintenance-operator-container-v4.10.0-48\nhyperconverged-cluster-operator-container-v4.10.0-133\nvirt-operator-container-v4.10.0-217\ncnv-containernetworking-plugins-container-v4.10.0-49\nkubemacpool-container-v4.10.0-49\nbridge-marker-container-v4.10.0-49\novs-cni-marker-container-v4.10.0-49\novs-cni-plugin-container-v4.10.0-49\nkubernetes-nmstate-handler-container-v4.10.0-49\ncluster-network-addons-operator-container-v4.10.0-49\nhco-bundle-registry-container-v4.10.0-696\n\nSecurity Fix(es):\n\n* golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* golang: net: lookup functions may return invalid host names (CVE-2021-33195)\n\n* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)\n\n* golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198)\n\n* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)\n\n* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)\n\n* golang: syscall: don\u0027t close fd 0 on ForkExec error (CVE-2021-44717)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0947",
"url": "https://access.redhat.com/errata/RHSA-2022:0947"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1760028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1760028"
},
{
"category": "external",
"summary": "1855182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855182"
},
{
"category": "external",
"summary": "1906151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906151"
},
{
"category": "external",
"summary": "1918294",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918294"
},
{
"category": "external",
"summary": "1935217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1935217"
},
{
"category": "external",
"summary": "1945586",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945586"
},
{
"category": "external",
"summary": "1958085",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1958085"
},
{
"category": "external",
"summary": "1959039",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959039"
},
{
"category": "external",
"summary": "1975978",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975978"
},
{
"category": "external",
"summary": "1983079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983079"
},
{
"category": "external",
"summary": "1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "1986970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986970"
},
{
"category": "external",
"summary": "1987009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1987009"
},
{
"category": "external",
"summary": "1989564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989564"
},
{
"category": "external",
"summary": "1989570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989570"
},
{
"category": "external",
"summary": "1989575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989575"
},
{
"category": "external",
"summary": "1990061",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990061"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "1992231",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992231"
},
{
"category": "external",
"summary": "1993454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1993454"
},
{
"category": "external",
"summary": "1995656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
},
{
"category": "external",
"summary": "1997540",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1997540"
},
{
"category": "external",
"summary": "1998300",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1998300"
},
{
"category": "external",
"summary": "1999110",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999110"
},
{
"category": "external",
"summary": "1999636",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999636"
},
{
"category": "external",
"summary": "2000480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000480"
},
{
"category": "external",
"summary": "2001984",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001984"
},
{
"category": "external",
"summary": "2001987",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001987"
},
{
"category": "external",
"summary": "2002272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002272"
},
{
"category": "external",
"summary": "2003704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003704"
},
{
"category": "external",
"summary": "2007397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007397"
},
{
"category": "external",
"summary": "2008140",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008140"
},
{
"category": "external",
"summary": "2008411",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008411"
},
{
"category": "external",
"summary": "2008938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008938"
},
{
"category": "external",
"summary": "2008949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008949"
},
{
"category": "external",
"summary": "2008975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008975"
},
{
"category": "external",
"summary": "2010540",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010540"
},
{
"category": "external",
"summary": "2010908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010908"
},
{
"category": "external",
"summary": "2012920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2012920"
},
{
"category": "external",
"summary": "2013160",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013160"
},
{
"category": "external",
"summary": "2013455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013455"
},
{
"category": "external",
"summary": "2015327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015327"
},
{
"category": "external",
"summary": "2017255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2017255"
},
{
"category": "external",
"summary": "2018457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018457"
},
{
"category": "external",
"summary": "2018925",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018925"
},
{
"category": "external",
"summary": "2018970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018970"
},
{
"category": "external",
"summary": "2019053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019053"
},
{
"category": "external",
"summary": "2021992",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021992"
},
{
"category": "external",
"summary": "2025295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025295"
},
{
"category": "external",
"summary": "2025750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025750"
},
{
"category": "external",
"summary": "2025878",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025878"
},
{
"category": "external",
"summary": "2026336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026336"
},
{
"category": "external",
"summary": "2026363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026363"
},
{
"category": "external",
"summary": "2026665",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026665"
},
{
"category": "external",
"summary": "2026667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026667"
},
{
"category": "external",
"summary": "2027420",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027420"
},
{
"category": "external",
"summary": "2027922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027922"
},
{
"category": "external",
"summary": "2029343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029343"
},
{
"category": "external",
"summary": "2029767",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029767"
},
{
"category": "external",
"summary": "2030660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030660"
},
{
"category": "external",
"summary": "2030686",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030686"
},
{
"category": "external",
"summary": "2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "external",
"summary": "2030806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
},
{
"category": "external",
"summary": "2031033",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031033"
},
{
"category": "external",
"summary": "2031688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031688"
},
{
"category": "external",
"summary": "2031727",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031727"
},
{
"category": "external",
"summary": "2031919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031919"
},
{
"category": "external",
"summary": "2032045",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032045"
},
{
"category": "external",
"summary": "2032845",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032845"
},
{
"category": "external",
"summary": "2032873",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032873"
},
{
"category": "external",
"summary": "2032876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032876"
},
{
"category": "external",
"summary": "2033240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2033240"
},
{
"category": "external",
"summary": "2033252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2033252"
},
{
"category": "external",
"summary": "2034544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034544"
},
{
"category": "external",
"summary": "2035008",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035008"
},
{
"category": "external",
"summary": "2035324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035324"
},
{
"category": "external",
"summary": "2035658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035658"
},
{
"category": "external",
"summary": "2035677",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035677"
},
{
"category": "external",
"summary": "2036220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036220"
},
{
"category": "external",
"summary": "2036483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036483"
},
{
"category": "external",
"summary": "2036605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036605"
},
{
"category": "external",
"summary": "2037270",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037270"
},
{
"category": "external",
"summary": "2037290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037290"
},
{
"category": "external",
"summary": "2037312",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037312"
},
{
"category": "external",
"summary": "2037421",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037421"
},
{
"category": "external",
"summary": "2038679",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038679"
},
{
"category": "external",
"summary": "2038825",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038825"
},
{
"category": "external",
"summary": "2038831",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038831"
},
{
"category": "external",
"summary": "2038985",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038985"
},
{
"category": "external",
"summary": "2039196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039196"
},
{
"category": "external",
"summary": "2039208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039208"
},
{
"category": "external",
"summary": "2039489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039489"
},
{
"category": "external",
"summary": "2039683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039683"
},
{
"category": "external",
"summary": "2039686",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039686"
},
{
"category": "external",
"summary": "2039691",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039691"
},
{
"category": "external",
"summary": "2040113",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040113"
},
{
"category": "external",
"summary": "2040115",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040115"
},
{
"category": "external",
"summary": "2041519",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041519"
},
{
"category": "external",
"summary": "2041530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041530"
},
{
"category": "external",
"summary": "2042139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042139"
},
{
"category": "external",
"summary": "2042799",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042799"
},
{
"category": "external",
"summary": "2042842",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042842"
},
{
"category": "external",
"summary": "2042856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042856"
},
{
"category": "external",
"summary": "2042880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042880"
},
{
"category": "external",
"summary": "2042908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042908"
},
{
"category": "external",
"summary": "2044348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044348"
},
{
"category": "external",
"summary": "2044398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044398"
},
{
"category": "external",
"summary": "2046271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046271"
},
{
"category": "external",
"summary": "2048227",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048227"
},
{
"category": "external",
"summary": "2048275",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048275"
},
{
"category": "external",
"summary": "2051105",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051105"
},
{
"category": "external",
"summary": "2051693",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051693"
},
{
"category": "external",
"summary": "2051968",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051968"
},
{
"category": "external",
"summary": "2052489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052489"
},
{
"category": "external",
"summary": "2053027",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053027"
},
{
"category": "external",
"summary": "2058167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058167"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0947.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization 4.10.0 Images security and bug fix update",
"tracking": {
"current_release_date": "2024-09-18T14:40:11+00:00",
"generator": {
"date": "2024-09-18T14:40:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0947",
"initial_release_date": "2022-03-16T15:45:58+00:00",
"revision_history": [
{
"date": "2022-03-16T15:45:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-03-16T15:45:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:40:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 4.10 for RHEL 8",
"product": {
"name": "CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:4.10::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"product": {
"name": "container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"product_id": "container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/bridge-marker\u0026tag=v4.10.0-49"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"product": {
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"product_id": "container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cluster-network-addons-operator\u0026tag=v4.10.0-49"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"product": {
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"product_id": "container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-containernetworking-plugins\u0026tag=v4.10.0-49"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"product": {
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"product_id": "container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-must-gather-rhel8\u0026tag=v4.10.0-110"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"product": {
"name": "container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"product_id": "container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hco-bundle-registry\u0026tag=v4.10.0-696"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"product": {
"name": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"product_id": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-csi-driver-rhel8\u0026tag=v4.10.0-32"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"product": {
"name": "container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"product_id": "container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-csi-driver\u0026tag=v4.10.0-32"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"product_id": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8\u0026tag=v4.10.0-32"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"product_id": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8-operator\u0026tag=v4.10.0-62"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"product_id": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-operator\u0026tag=v4.10.0-133"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"product_id": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-webhook-rhel8\u0026tag=v4.10.0-133"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"product": {
"name": "container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"product_id": "container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubemacpool\u0026tag=v4.10.0-49"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"product": {
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"product_id": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubernetes-nmstate-handler-rhel8\u0026tag=v4.10.0-49"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"product_id": "container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-ssp-operator\u0026tag=v4.10.0-50"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"product_id": "container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-template-validator\u0026tag=v4.10.0-16"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"product": {
"name": "container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"product_id": "container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/libguestfs-tools\u0026tag=v4.10.0-217"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"product": {
"name": "container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"product_id": "container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"product_identification_helper": {
"purl": "pkg:oci/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/node-maintenance-operator\u0026tag=v4.10.0-48"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"product": {
"name": "container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"product_id": "container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-marker\u0026tag=v4.10.0-49"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"product": {
"name": "container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"product_id": "container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-plugin\u0026tag=v4.10.0-49"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"product": {
"name": "container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"product_id": "container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-api\u0026tag=v4.10.0-217"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"product": {
"name": "container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"product_id": "container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-artifacts-server\u0026tag=v4.10.0-217"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"product_id": "container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-apiserver\u0026tag=v4.10.0-90"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"product_id": "container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-cloner\u0026tag=v4.10.0-90"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"product_id": "container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-controller\u0026tag=v4.10.0-90"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"product_id": "container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-importer\u0026tag=v4.10.0-90"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"product_id": "container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-operator\u0026tag=v4.10.0-90"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"product_id": "container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadproxy\u0026tag=v4.10.0-90"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"product_id": "container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadserver\u0026tag=v4.10.0-90"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"product": {
"name": "container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"product_id": "container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-controller\u0026tag=v4.10.0-217"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"product": {
"name": "container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"product_id": "container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-handler\u0026tag=v4.10.0-217"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64",
"product": {
"name": "container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64",
"product_id": "container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virtio-win\u0026tag=v4.10.0-10"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"product": {
"name": "container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"product_id": "container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-launcher\u0026tag=v4.10.0-217"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"product": {
"name": "container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"product_id": "container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-operator\u0026tag=v4.10.0-217"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64"
},
"product_reference": "container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64"
},
"product_reference": "container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64"
},
"product_reference": "container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
},
"product_reference": "container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64"
},
"product_reference": "container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64"
},
"product_reference": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64"
},
"product_reference": "container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64"
},
"product_reference": "container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64"
},
"product_reference": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64"
},
"product_reference": "container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64"
},
"product_reference": "container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64"
},
"product_reference": "container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64"
},
"product_reference": "container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64"
},
"product_reference": "container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64"
},
"product_reference": "container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64"
},
"product_reference": "container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64"
},
"product_reference": "container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64"
},
"product_reference": "container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64"
},
"product_reference": "container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
},
"product_reference": "container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
],
"known_not_affected": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0947"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-33195",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1989564"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go. The LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in the net package and methods on the Resolver type, may return arbitrary values retrieved from DNS, allowing injection of unexpected contents. The highest threat from this vulnerability is to integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: lookup functions may return invalid host names",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* For Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the golang-qpid-apache package.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
],
"known_not_affected": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33195"
},
{
"category": "external",
"summary": "RHBZ#1989564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989564"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33195",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33195"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33195",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33195"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
"url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
}
],
"release_date": "2021-05-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0947"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: lookup functions may return invalid host names"
},
{
"cve": "CVE-2021-33197",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1989570"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go, acting as an unintended proxy or intermediary, where ReverseProxy forwards connection headers if the first one was empty. This flaw allows an attacker to drop arbitrary headers. The highest threat from this vulnerability is to integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* For Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the golang-qpid-apache package.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
],
"known_not_affected": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33197"
},
{
"category": "external",
"summary": "RHBZ#1989570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33197"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
"url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
}
],
"release_date": "2021-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0947"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty"
},
{
"cve": "CVE-2021-33198",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-08-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1989575"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go, where it attempts to allocate excessive memory. This issue may cause panic or unrecoverable fatal error if passed inputs with very large exponents. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
],
"known_not_affected": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33198"
},
{
"category": "external",
"summary": "RHBZ#1989575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989575"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33198",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33198"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33198",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33198"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
"url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
}
],
"release_date": "2021-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0947"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents"
},
{
"cve": "CVE-2021-34558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1983596"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate\u0027s private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0\u20131.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This vulnerability potentially affects any component written in Go that uses crypto/tls from the standard library. It is possible for components that make client connections to malicious servers to be exploited, however the maximum impact is a crash. This vulnerability is rated Low for the following components: \n - OpenShift Container Platform\n - OpenShift distributed tracing (formerly OpenShift Jaeger)\n - OpenShift Migration Toolkit for Containers\n - Red Hat Advanced Cluster Management for Kubernetes\n - Red Hat OpenShift on AWS\n - Red Hat OpenShift Virtualization\n\n* Because OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64"
],
"known_not_affected": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34558"
},
{
"category": "external",
"summary": "RHBZ#1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.15.minor",
"url": "https://golang.org/doc/devel/release#go1.15.minor"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.16.minor",
"url": "https://golang.org/doc/devel/release#go1.16.minor"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0947"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic"
},
{
"cve": "CVE-2021-36221",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-08-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995656"
}
],
"notes": [
{
"category": "description",
"text": "A race condition flaw was found in Go. The incoming requests body weren\u0027t closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the impacted RHOSP packages.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF1.3, no update will be provided at this time for the STF1.3 sg-core-container. Additionally, because Service Telemetry Framework1.2 will be retiring soon, no update will be provided at this time for the STF1.2 smart-gateway-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64"
],
"known_not_affected": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36221"
},
{
"category": "external",
"summary": "RHBZ#1995656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk",
"url": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0947"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic"
},
{
"cve": "CVE-2021-44716",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030801"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s an uncontrolled resource consumption flaw in golang\u0027s net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http\u0027s http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: limit growth of header canonicalization cache",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Container Platform, OpenShift Virtualization, Red Hat Quay and OpenShift distributed tracing the most an attacker can possibly achieve by exploiting this vulnerability is to crash a container, temporarily impacting availability of one or more services. Therefore impact is rated Moderate.\n\nIn its default configuration, grafana as shipped in Red Hat Enterprise Linux 8 is not affected by this vulnerability. However, enabling http2 in /etc/grafana/grafana.ini explicitly would render grafana affected, therefore grafana has been marked affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
],
"known_not_affected": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44716"
},
{
"category": "external",
"summary": "RHBZ#2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0947"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling HTTP/2. Setting the GODEBUG=http2server=0 environment variable before calling Serve will disable HTTP/2 unless it was manually configured through the golang.org/x/net/http2 package.",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: limit growth of header canonicalization cache"
},
{
"cve": "CVE-2021-44717",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030806"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a flaw in golang\u0027s syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: syscall: don\u0027t close fd 0 on ForkExec error",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This flaw has had the severity level set to Moderate due to the attack complexity required to exhaust file descriptors at the time ForkExec is called, plus an attacker does not necessarily have direct control over where/how data is leaked.\n\n* For Service Telemetry Framework, because the flaw\u0027s impact is lower, no update will be provided at this time for its containers.\n\n* runc shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this flaw because the flaw is already patched in the shipped versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
],
"known_not_affected": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44717"
},
{
"category": "external",
"summary": "RHBZ#2030806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0947"
},
{
"category": "workaround",
"details": "This bug can be mitigated by raising the per-process file descriptor limit.",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:946d8c7ac55eed8d4b50feb9bd583e566280084ff76150a7f53314faa2b6ab67_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:21b1cd4fb9a395102e27ad7a291aee6aefdfac4b1524a7110636d0307d68a9c2_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:6a7f96677baedde6282675a7011d5965a07608cd596caaf7967f9a2823fe7d2f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:62a0b34b90514c743a129270fdc85ed2ecffd6460606176080c6b5b91103f29f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:35b29e8eb48d9818a1217d5b89e4dcb7a900c5c5e6ae3745683813c5708c86e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:f0519da54d7c1ebb8cca73f8222ae9b26bafd7f7bcf62bd84d256a86a6cfe3ab_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:95e2d880c43a8333d9d351f391a0b65b3085fc0236908ab1df2d5aabea6069a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:f396b60e29000834bcb4ebfa8ea9a8c67280f7cac080ecbbe7ff4b2e19b5897f_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:092b22e2dab463306ccc3a3817046a4e327b6f16b1ce3f3619329436b81047f0_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:4fd8d3c8ced084991de9d21a3ecdf0f512c6702d391ddf2a9817a5430c14a254_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:c2b2dbf742429c80e3c2ac8a7a6844f971e8c16c63b3eb0cc878f306cb04d4cb_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:5e0d2f8647eb83d7b3b22a80b4593eee033b6d1485bd89ae9bc90bfeee953b56_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:70d559676fa416e87062bc07f5415e62d1df8a20d5848992a54e691011a7aa7c_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:344d9a9ba1564278bb4bde072bf65447c42b49fcaf819d7aa905b5adb7eaaa9e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:cb64c3aea1d7d2d00b04cdb1da051f084c6874a5908ec69f50a2a858d710341d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:6060538f9ff00a856ba0f46cedf98c76a171aeea8b81f7f6c7a62326a7ea40b6_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a000a9d35271501bd20084427b4b6db736ba6b6a23ddfab75a2867dac9a9be84_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:c8fc3c21b74d18c831e5a24d728b9d227feb09661cd2d9d68708880b21efb83e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:7a55175cbaa7049e32f7238ba6a79e3f893f345011db83139de635e9a9c5ccf0_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:54d0c8b98f312b9f1e8e2858cbc0fbb6eb59b85e87a2c84b92e7380965096ead_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:44566f5489fe19a06e370360a85f47dfc9fcd8eed48e3400a8128b505ba7cc9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:b64dcceee917ec5fd626376421f2cd9312157a081b9462f5cf27d616926c2cc0_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:0ef594a814b548b3846062cfe900290b9f93be03d8f09937d540024d47becc60_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:17d12998bd79152a96e82db905897a1dd3b5119141f9fd9b42750f213f99829f_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:2d78cb1eb30b39cb09030811016c016a833b88c55d3f759bdae95bb77ecf384a_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:a5cd7fc7bfd87376f2aad0f044a951f370442adbb463ff7a4c7f856382b11003_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:f30b342abc922126dbc657a20821529249458b27707b18aa4eda26ca37913cdc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:62065ae5ac5c032dcac15ade3e06c51ec3a8d9eca3898adbd7887764613c3fbe_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:19f3cd981dab062e8b3ca5c63a5ebe602e5555d6f4f896abcf109b89814bc3b4_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:12acc4f0ccfb5f171aee6042052da551b2c46f35c99702d512b628c8b59812bc_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:1b0b35d082094c398dd87ac6d9ecc1a0d88f1e9205a476c4447f30a14ca9e80d_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:e843ab661ec7189936c491a230b7fa5de91841bb514542c6e5a4df576e86d7a5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: syscall: don\u0027t close fd 0 on ForkExec error"
}
]
}
rhsa-2022_0997
Vulnerability from csaf_redhat
Published
2022-03-23 22:11
Modified
2024-09-18 14:40
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (golang-qpid-apache) security update
Notes
Topic
An update for golang-qpid-apache is now available for Red Hat OpenStack
Platform 16.2 (Train).
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Golang binding library for qpid-proton
Security Fix(es):
* net: incorrect parsing of extraneous zero characters at the beginning of
an IP address octet (CVE-2021-29923)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for golang-qpid-apache is now available for Red Hat OpenStack\nPlatform 16.2 (Train).\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Golang binding library for qpid-proton\n\nSecurity Fix(es):\n\n* net: incorrect parsing of extraneous zero characters at the beginning of\nan IP address octet (CVE-2021-29923)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0997",
"url": "https://access.redhat.com/errata/RHSA-2022:0997"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0997.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (golang-qpid-apache) security update",
"tracking": {
"current_release_date": "2024-09-18T14:40:28+00:00",
"generator": {
"date": "2024-09-18T14:40:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0997",
"initial_release_date": "2022-03-23T22:11:36+00:00",
"revision_history": [
{
"date": "2022-03-23T22:11:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-03-23T22:11:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:40:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 16.2",
"product": {
"name": "Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:16.2::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src",
"product": {
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src",
"product_id": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-qpid-apache@0.32.0-rc1.9.el8ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64",
"product": {
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64",
"product_id": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-qpid-apache@0.32.0-rc1.9.el8ost?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le",
"product": {
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le",
"product_id": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-qpid-apache@0.32.0-rc1.9.el8ost?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le"
},
"product_reference": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src"
},
"product_reference": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64"
},
"product_reference": "golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le",
"8Base-RHOS-16.2:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src",
"8Base-RHOS-16.2:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le",
"8Base-RHOS-16.2:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src",
"8Base-RHOS-16.2:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0997"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOS-16.2:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le",
"8Base-RHOS-16.2:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src",
"8Base-RHOS-16.2:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.ppc64le",
"8Base-RHOS-16.2:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.src",
"8Base-RHOS-16.2:golang-qpid-apache-0:0.32.0-rc1.9.el8ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
}
]
}
rhsa-2022_0577
Vulnerability from csaf_redhat
Published
2022-03-28 09:34
Modified
2024-09-18 14:40
Summary
Red Hat Security Advisory: Windows Container Support for Red Hat OpenShift 5.0.0 [security update]
Notes
Topic
The components for Windows Container Support for Red Hat OpenShift 5.0.0 are now available. This product release includes bug fixes and a moderate security update for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Windows Container Support for Red Hat OpenShift allows you to deploy Windows container workloads running on Windows Server containers.
Security Fix(es):
* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)
* golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension (CVE-2020-28851)
* golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852)
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header (CVE-2021-31525)
* golang: net: lookup functions may return invalid host names (CVE-2021-33195)
* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)
* golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198)
* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)
* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The components for Windows Container Support for Red Hat OpenShift 5.0.0 are now available. This product release includes bug fixes and a moderate security update for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Windows Container Support for Red Hat OpenShift allows you to deploy Windows container workloads running on Windows Server containers.\n\nSecurity Fix(es):\n\n* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)\n* golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension (CVE-2020-28851)\n* golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852)\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n* golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header (CVE-2021-31525)\n* golang: net: lookup functions may return invalid host names (CVE-2021-33195)\n* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)\n* golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198)\n* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)\n* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0577",
"url": "https://access.redhat.com/errata/RHSA-2022:0577"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1913333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333"
},
{
"category": "external",
"summary": "1913338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338"
},
{
"category": "external",
"summary": "1921650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650"
},
{
"category": "external",
"summary": "1958341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1958341"
},
{
"category": "external",
"summary": "1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "1989564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989564"
},
{
"category": "external",
"summary": "1989570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989570"
},
{
"category": "external",
"summary": "1989575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989575"
},
{
"category": "external",
"summary": "1990573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990573"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "1992841",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992841"
},
{
"category": "external",
"summary": "1994859",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1994859"
},
{
"category": "external",
"summary": "1995656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
},
{
"category": "external",
"summary": "2000772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000772"
},
{
"category": "external",
"summary": "2001547",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001547"
},
{
"category": "external",
"summary": "2002961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002961"
},
{
"category": "external",
"summary": "2005360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005360"
},
{
"category": "external",
"summary": "2008601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008601"
},
{
"category": "external",
"summary": "2015772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015772"
},
{
"category": "external",
"summary": "2032048",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032048"
},
{
"category": "external",
"summary": "WINC-747",
"url": "https://issues.redhat.com/browse/WINC-747"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0577.json"
}
],
"title": "Red Hat Security Advisory: Windows Container Support for Red Hat OpenShift 5.0.0 [security update]",
"tracking": {
"current_release_date": "2024-09-18T14:40:51+00:00",
"generator": {
"date": "2024-09-18T14:40:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0577",
"initial_release_date": "2022-03-28T09:34:15+00:00",
"revision_history": [
{
"date": "2022-03-28T09:34:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-03-28T09:34:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:40:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.10",
"product": {
"name": "Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.10::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"product": {
"name": "openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"product_id": "openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"product_identification_helper": {
"purl": "pkg:oci/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072?arch=amd64\u0026repository_url=registry.redhat.io/openshift4-wincw/windows-machine-config-operator-bundle\u0026tag=v5.0.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64",
"product": {
"name": "openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64",
"product_id": "openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe?arch=amd64\u0026repository_url=registry.redhat.io/openshift4-wincw/windows-machine-config-rhel8-operator\u0026tag=5.0.0-5"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64"
},
"product_reference": "openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64 as a component of Red Hat OpenShift Container Platform 4.10",
"product_id": "8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
},
"product_reference": "openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.10"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-28851",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org. In x/text, an \"index out of range\" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Below Red Hat products include the affected version of \u0027golang.org/x/text\u0027, however the language package is not being used and hence they are rated as having a security impact of Low. A future update may address this issue.\n\n* Red Hat OpenShift Container Storage 4\n* OpenShift ServiceMesh (OSSM)\n* Red Hat Gluster Storage 3\n* Windows Container Support for Red Hat OpenShift\n\nOnly three components in OpenShift Container Platform include the affected package, \u0027golang.org/x/text/language\u0027 , the installer, baremetal installer and thanos container images. All other components that include a version of \u0027golang.org/x/text\u0027 do not include the \u0027language\u0027 package and are therefore not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28851"
},
{
"category": "external",
"summary": "RHBZ#1913333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28851",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28851"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28851",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28851"
}
],
"release_date": "2021-01-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For Windows Machine Config Operator upgrades, see the following documentation: https://docs.openshift.com/container-platform/latest/windows_containers/windows-node-upgrades.html",
"product_ids": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension"
},
{
"cve": "CVE-2020-28852",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2021-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org. In x/text, a \"slice bounds out of range\" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Below Red Hat products include the affected version of \u0027golang.org/x/text\u0027, however the language package is not being used and hence they are rated as having a security impact of Low. A future update may address this issue.\n\n* Red Hat OpenShift Container Storage 4\n* OpenShift ServiceMesh (OSSM)\n* Red Hat Gluster Storage 3\n* Windows Container Support for Red Hat OpenShift\n\nOnly three components in OpenShift Container Platform include the affected package, \u0027golang.org/x/text/language\u0027 , the installer, baremetal installer and thanos container images. All other components that include a version of \u0027golang.org/x/text\u0027 do not include the \u0027language\u0027 package and are therefore not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28852"
},
{
"category": "external",
"summary": "RHBZ#1913338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28852",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28852"
}
],
"release_date": "2021-01-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For Windows Machine Config Operator upgrades, see the following documentation: https://docs.openshift.com/container-platform/latest/windows_containers/windows-node-upgrades.html",
"product_ids": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag"
},
{
"cve": "CVE-2021-3121",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2021-01-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1921650"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/gogo/protobuf before 1.3.2 that allows an out-of-bounds access when unmarshalling certain protobuf objects. This flaw allows a remote attacker to send crafted protobuf messages, causing panic and resulting in a denial of service. The highest threat from this vulnerability is to availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM) and Red Hat OpenShift Jaeger (RHOSJ) all include code generated by github.com/gogo/protobuf to parse protobuf messages. However, no component is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate for OCP, OSSM and RHOSJ.\n\nOpenShift Virtualization includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no component of OpenShift Virtualization is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no RHACM component is accepting protobuf messages from unauthenticated sources and are used with a limited scope, hence this vulnerability is rated Moderate for RHACM.\n\nRed Hat Cluster Application Migration (CAM) includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no CAM component is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate for CAM.\n\nCryostat-2 is affected as it does ship gogo/protobuf library with it\u0027s distribution but the only use for Protobuf would be the Kubernetes/OpenShift API server the operator communicates with and it should be authenticated hence it is affected with Moderate impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3121"
},
{
"category": "external",
"summary": "RHBZ#1921650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121"
}
],
"release_date": "2021-01-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For Windows Machine Config Operator upgrades, see the following documentation: https://docs.openshift.com/container-platform/latest/windows_containers/windows-node-upgrades.html",
"product_ids": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation"
},
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For Windows Machine Config Operator upgrades, see the following documentation: https://docs.openshift.com/container-platform/latest/windows_containers/windows-node-upgrades.html",
"product_ids": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0577"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-31525",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2021-05-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1958341"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was detected in net/http of the Go standard library when parsing very large HTTP header values, causing a crash and subsequent denial of service. This vulnerability affects both clients and servers written in Go, however, servers are only vulnerable if the value of MaxHeaderBytes has been increased from the default.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses net/http from the standard library. In OpenShift Container Platform (OCP), OpenShift Virtualization, OpenShift ServiceMesh (OSSM) and OpenShift distributed tracing (formerly OpenShift Jaeger), no server side component allows HTTP header values larger than 1 MB (the default), preventing this vulnerability from being exploited by malicious clients. It is possible for components that make client connections to malicious servers to be exploited, however the maximum impact is a crash. This vulnerability is rated Low for the following components: \n* OpenShift Container Platform\n* OpenShift Virtualization \n* OpenShift ServiceMesh\n* OpenShift distributed tracing components.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-31525"
},
{
"category": "external",
"summary": "RHBZ#1958341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1958341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-31525",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-31525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31525"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc",
"url": "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc"
}
],
"release_date": "2021-04-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For Windows Machine Config Operator upgrades, see the following documentation: https://docs.openshift.com/container-platform/latest/windows_containers/windows-node-upgrades.html",
"product_ids": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header"
},
{
"cve": "CVE-2021-33195",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1989564"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go. The LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in the net package and methods on the Resolver type, may return arbitrary values retrieved from DNS, allowing injection of unexpected contents. The highest threat from this vulnerability is to integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: lookup functions may return invalid host names",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* For Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the golang-qpid-apache package.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33195"
},
{
"category": "external",
"summary": "RHBZ#1989564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989564"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33195",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33195"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33195",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33195"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
"url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
}
],
"release_date": "2021-05-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For Windows Machine Config Operator upgrades, see the following documentation: https://docs.openshift.com/container-platform/latest/windows_containers/windows-node-upgrades.html",
"product_ids": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: lookup functions may return invalid host names"
},
{
"cve": "CVE-2021-33197",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1989570"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go, acting as an unintended proxy or intermediary, where ReverseProxy forwards connection headers if the first one was empty. This flaw allows an attacker to drop arbitrary headers. The highest threat from this vulnerability is to integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* For Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the golang-qpid-apache package.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33197"
},
{
"category": "external",
"summary": "RHBZ#1989570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33197"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
"url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
}
],
"release_date": "2021-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For Windows Machine Config Operator upgrades, see the following documentation: https://docs.openshift.com/container-platform/latest/windows_containers/windows-node-upgrades.html",
"product_ids": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty"
},
{
"cve": "CVE-2021-33198",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-08-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1989575"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go, where it attempts to allocate excessive memory. This issue may cause panic or unrecoverable fatal error if passed inputs with very large exponents. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33198"
},
{
"category": "external",
"summary": "RHBZ#1989575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989575"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33198",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33198"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33198",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33198"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
"url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
}
],
"release_date": "2021-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For Windows Machine Config Operator upgrades, see the following documentation: https://docs.openshift.com/container-platform/latest/windows_containers/windows-node-upgrades.html",
"product_ids": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents"
},
{
"cve": "CVE-2021-34558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1983596"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate\u0027s private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0\u20131.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This vulnerability potentially affects any component written in Go that uses crypto/tls from the standard library. It is possible for components that make client connections to malicious servers to be exploited, however the maximum impact is a crash. This vulnerability is rated Low for the following components: \n - OpenShift Container Platform\n - OpenShift distributed tracing (formerly OpenShift Jaeger)\n - OpenShift Migration Toolkit for Containers\n - Red Hat Advanced Cluster Management for Kubernetes\n - Red Hat OpenShift on AWS\n - Red Hat OpenShift Virtualization\n\n* Because OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34558"
},
{
"category": "external",
"summary": "RHBZ#1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.15.minor",
"url": "https://golang.org/doc/devel/release#go1.15.minor"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.16.minor",
"url": "https://golang.org/doc/devel/release#go1.16.minor"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For Windows Machine Config Operator upgrades, see the following documentation: https://docs.openshift.com/container-platform/latest/windows_containers/windows-node-upgrades.html",
"product_ids": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0577"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic"
},
{
"cve": "CVE-2021-36221",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-08-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995656"
}
],
"notes": [
{
"category": "description",
"text": "A race condition flaw was found in Go. The incoming requests body weren\u0027t closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the impacted RHOSP packages.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF1.3, no update will be provided at this time for the STF1.3 sg-core-container. Additionally, because Service Telemetry Framework1.2 will be retiring soon, no update will be provided at this time for the STF1.2 smart-gateway-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36221"
},
{
"category": "external",
"summary": "RHBZ#1995656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk",
"url": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For Windows Machine Config Operator upgrades, see the following documentation: https://docs.openshift.com/container-platform/latest/windows_containers/windows-node-upgrades.html",
"product_ids": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0577"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-operator-bundle@sha256:e6ad3e6e043aeeebc84da2071ca26bb1e89c071598b5088a8a7f237626491072_amd64",
"8Base-RHOSE-4.10:openshift4-wincw/windows-machine-config-rhel8-operator@sha256:31af4d44c7cc4e00219a99451ce2e3523cdba90d575d58979ae1355c4350b6fe_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic"
}
]
}
rhsa-2022_0260
Vulnerability from csaf_redhat
Published
2022-01-25 13:55
Modified
2024-09-18 14:40
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (etcd) security update
Notes
Topic
An update for etcd is now available for Red Hat OpenStack Platform 16.1
(Train).
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
A highly-available key value store for shared configuration
Security Fix(es):
* net/http: limit growth of header canonicalization cache (CVE-2021-44716)
* net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* crypto/tls: certificate of wrong type is causing TLS client to panic
(CVE-2021-34558)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for etcd is now available for Red Hat OpenStack Platform 16.1\n(Train).\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A highly-available key value store for shared configuration\n\nSecurity Fix(es):\n\n* net/http: limit growth of header canonicalization cache (CVE-2021-44716)\n\n* net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* crypto/tls: certificate of wrong type is causing TLS client to panic\n(CVE-2021-34558)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0260",
"url": "https://access.redhat.com/errata/RHSA-2022:0260"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0260.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (etcd) security update",
"tracking": {
"current_release_date": "2024-09-18T14:40:33+00:00",
"generator": {
"date": "2024-09-18T14:40:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0260",
"initial_release_date": "2022-01-25T13:55:40+00:00",
"revision_history": [
{
"date": "2022-01-25T13:55:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-01-25T13:55:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:40:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 16.1",
"product": {
"name": "Red Hat OpenStack Platform 16.1",
"product_id": "8Base-RHOS-16.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:16.1::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-0:3.3.23-7.el8ost.src",
"product": {
"name": "etcd-0:3.3.23-7.el8ost.src",
"product_id": "etcd-0:3.3.23-7.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd@3.3.23-7.el8ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-0:3.3.23-7.el8ost.x86_64",
"product": {
"name": "etcd-0:3.3.23-7.el8ost.x86_64",
"product_id": "etcd-0:3.3.23-7.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd@3.3.23-7.el8ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "etcd-debugsource-0:3.3.23-7.el8ost.x86_64",
"product": {
"name": "etcd-debugsource-0:3.3.23-7.el8ost.x86_64",
"product_id": "etcd-debugsource-0:3.3.23-7.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debugsource@3.3.23-7.el8ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"product": {
"name": "etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"product_id": "etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debuginfo@3.3.23-7.el8ost?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-0:3.3.23-7.el8ost.ppc64le",
"product": {
"name": "etcd-0:3.3.23-7.el8ost.ppc64le",
"product_id": "etcd-0:3.3.23-7.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd@3.3.23-7.el8ost?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"product": {
"name": "etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"product_id": "etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debugsource@3.3.23-7.el8ost?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"product": {
"name": "etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"product_id": "etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debuginfo@3.3.23-7.el8ost?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-0:3.3.23-7.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.1",
"product_id": "8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.ppc64le"
},
"product_reference": "etcd-0:3.3.23-7.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-0:3.3.23-7.el8ost.src as a component of Red Hat OpenStack Platform 16.1",
"product_id": "8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.src"
},
"product_reference": "etcd-0:3.3.23-7.el8ost.src",
"relates_to_product_reference": "8Base-RHOS-16.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-0:3.3.23-7.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.1",
"product_id": "8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.x86_64"
},
"product_reference": "etcd-0:3.3.23-7.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.1",
"product_id": "8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le"
},
"product_reference": "etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debuginfo-0:3.3.23-7.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.1",
"product_id": "8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64"
},
"product_reference": "etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debugsource-0:3.3.23-7.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.1",
"product_id": "8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le"
},
"product_reference": "etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debugsource-0:3.3.23-7.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.1",
"product_id": "8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
},
"product_reference": "etcd-debugsource-0:3.3.23-7.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0260"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-34558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1983596"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate\u0027s private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0\u20131.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This vulnerability potentially affects any component written in Go that uses crypto/tls from the standard library. It is possible for components that make client connections to malicious servers to be exploited, however the maximum impact is a crash. This vulnerability is rated Low for the following components: \n - OpenShift Container Platform\n - OpenShift distributed tracing (formerly OpenShift Jaeger)\n - OpenShift Migration Toolkit for Containers\n - Red Hat Advanced Cluster Management for Kubernetes\n - Red Hat OpenShift on AWS\n - Red Hat OpenShift Virtualization\n\n* Because OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34558"
},
{
"category": "external",
"summary": "RHBZ#1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.15.minor",
"url": "https://golang.org/doc/devel/release#go1.15.minor"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.16.minor",
"url": "https://golang.org/doc/devel/release#go1.16.minor"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0260"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic"
},
{
"cve": "CVE-2021-44716",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030801"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s an uncontrolled resource consumption flaw in golang\u0027s net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http\u0027s http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: limit growth of header canonicalization cache",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Container Platform, OpenShift Virtualization, Red Hat Quay and OpenShift distributed tracing the most an attacker can possibly achieve by exploiting this vulnerability is to crash a container, temporarily impacting availability of one or more services. Therefore impact is rated Moderate.\n\nIn its default configuration, grafana as shipped in Red Hat Enterprise Linux 8 is not affected by this vulnerability. However, enabling http2 in /etc/grafana/grafana.ini explicitly would render grafana affected, therefore grafana has been marked affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44716"
},
{
"category": "external",
"summary": "RHBZ#2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0260"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling HTTP/2. Setting the GODEBUG=http2server=0 environment variable before calling Serve will disable HTTP/2 unless it was manually configured through the golang.org/x/net/http2 package.",
"product_ids": [
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.src",
"8Base-RHOS-16.1:etcd-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debuginfo-0:3.3.23-7.el8ost.x86_64",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.ppc64le",
"8Base-RHOS-16.1:etcd-debugsource-0:3.3.23-7.el8ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http: limit growth of header canonicalization cache"
}
]
}
rhsa-2021_4910
Vulnerability from csaf_redhat
Published
2021-12-02 14:27
Modified
2024-09-18 14:40
Summary
Red Hat Security Advisory: OpenShift Virtualization 4.8.3 RPMs security and bug fix update
Notes
Topic
Red Hat OpenShift Virtualization release 4.8.3 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains OpenShift Virtualization 4.8.3 RPMs.
Security Fix(es):
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release 4.8.3 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform. \n\nThis advisory contains OpenShift Virtualization 4.8.3 RPMs.\n\nSecurity Fix(es):\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:4910",
"url": "https://access.redhat.com/errata/RHSA-2021:4910"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "2007344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007344"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_4910.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization 4.8.3 RPMs security and bug fix update",
"tracking": {
"current_release_date": "2024-09-18T14:40:17+00:00",
"generator": {
"date": "2024-09-18T14:40:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:4910",
"initial_release_date": "2021-12-02T14:27:54+00:00",
"revision_history": [
{
"date": "2021-12-02T14:27:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-12-02T14:27:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:40:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 4.8 for RHEL 7",
"product": {
"name": "CNV 4.8 for RHEL 7",
"product_id": "7Server-CNV-4.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:4.8::el7"
}
}
},
{
"category": "product_name",
"name": "CNV 4.8 for RHEL 8",
"product": {
"name": "CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:4.8::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "kubevirt-0:4.8.3-251.el7.src",
"product": {
"name": "kubevirt-0:4.8.3-251.el7.src",
"product_id": "kubevirt-0:4.8.3-251.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt@4.8.3-251.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "kubevirt-0:4.8.3-251.el8.src",
"product": {
"name": "kubevirt-0:4.8.3-251.el8.src",
"product_id": "kubevirt-0:4.8.3-251.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt@4.8.3-251.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kubevirt-virtctl-0:4.8.3-251.el7.x86_64",
"product": {
"name": "kubevirt-virtctl-0:4.8.3-251.el7.x86_64",
"product_id": "kubevirt-virtctl-0:4.8.3-251.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt-virtctl@4.8.3-251.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kubevirt-virtctl-redistributable-0:4.8.3-251.el7.x86_64",
"product": {
"name": "kubevirt-virtctl-redistributable-0:4.8.3-251.el7.x86_64",
"product_id": "kubevirt-virtctl-redistributable-0:4.8.3-251.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt-virtctl-redistributable@4.8.3-251.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kubevirt-virtctl-0:4.8.3-251.el8.x86_64",
"product": {
"name": "kubevirt-virtctl-0:4.8.3-251.el8.x86_64",
"product_id": "kubevirt-virtctl-0:4.8.3-251.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt-virtctl@4.8.3-251.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kubevirt-virtctl-redistributable-0:4.8.3-251.el8.x86_64",
"product": {
"name": "kubevirt-virtctl-redistributable-0:4.8.3-251.el8.x86_64",
"product_id": "kubevirt-virtctl-redistributable-0:4.8.3-251.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt-virtctl-redistributable@4.8.3-251.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-0:4.8.3-251.el7.src as a component of CNV 4.8 for RHEL 7",
"product_id": "7Server-CNV-4.8:kubevirt-0:4.8.3-251.el7.src"
},
"product_reference": "kubevirt-0:4.8.3-251.el7.src",
"relates_to_product_reference": "7Server-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-0:4.8.3-251.el7.x86_64 as a component of CNV 4.8 for RHEL 7",
"product_id": "7Server-CNV-4.8:kubevirt-virtctl-0:4.8.3-251.el7.x86_64"
},
"product_reference": "kubevirt-virtctl-0:4.8.3-251.el7.x86_64",
"relates_to_product_reference": "7Server-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-redistributable-0:4.8.3-251.el7.x86_64 as a component of CNV 4.8 for RHEL 7",
"product_id": "7Server-CNV-4.8:kubevirt-virtctl-redistributable-0:4.8.3-251.el7.x86_64"
},
"product_reference": "kubevirt-virtctl-redistributable-0:4.8.3-251.el7.x86_64",
"relates_to_product_reference": "7Server-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-0:4.8.3-251.el8.src as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:kubevirt-0:4.8.3-251.el8.src"
},
"product_reference": "kubevirt-0:4.8.3-251.el8.src",
"relates_to_product_reference": "8Base-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-0:4.8.3-251.el8.x86_64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:kubevirt-virtctl-0:4.8.3-251.el8.x86_64"
},
"product_reference": "kubevirt-virtctl-0:4.8.3-251.el8.x86_64",
"relates_to_product_reference": "8Base-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-redistributable-0:4.8.3-251.el8.x86_64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:kubevirt-virtctl-redistributable-0:4.8.3-251.el8.x86_64"
},
"product_reference": "kubevirt-virtctl-redistributable-0:4.8.3-251.el8.x86_64",
"relates_to_product_reference": "8Base-CNV-4.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-CNV-4.8:kubevirt-0:4.8.3-251.el7.src",
"7Server-CNV-4.8:kubevirt-virtctl-0:4.8.3-251.el7.x86_64",
"7Server-CNV-4.8:kubevirt-virtctl-redistributable-0:4.8.3-251.el7.x86_64",
"8Base-CNV-4.8:kubevirt-0:4.8.3-251.el8.src",
"8Base-CNV-4.8:kubevirt-virtctl-0:4.8.3-251.el8.x86_64",
"8Base-CNV-4.8:kubevirt-virtctl-redistributable-0:4.8.3-251.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-CNV-4.8:kubevirt-0:4.8.3-251.el7.src",
"7Server-CNV-4.8:kubevirt-virtctl-0:4.8.3-251.el7.x86_64",
"7Server-CNV-4.8:kubevirt-virtctl-redistributable-0:4.8.3-251.el7.x86_64",
"8Base-CNV-4.8:kubevirt-0:4.8.3-251.el8.src",
"8Base-CNV-4.8:kubevirt-virtctl-0:4.8.3-251.el8.x86_64",
"8Base-CNV-4.8:kubevirt-virtctl-redistributable-0:4.8.3-251.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4910"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-CNV-4.8:kubevirt-0:4.8.3-251.el7.src",
"7Server-CNV-4.8:kubevirt-virtctl-0:4.8.3-251.el7.x86_64",
"7Server-CNV-4.8:kubevirt-virtctl-redistributable-0:4.8.3-251.el7.x86_64",
"8Base-CNV-4.8:kubevirt-0:4.8.3-251.el8.src",
"8Base-CNV-4.8:kubevirt-virtctl-0:4.8.3-251.el8.x86_64",
"8Base-CNV-4.8:kubevirt-virtctl-redistributable-0:4.8.3-251.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-CNV-4.8:kubevirt-0:4.8.3-251.el7.src",
"7Server-CNV-4.8:kubevirt-virtctl-0:4.8.3-251.el7.x86_64",
"7Server-CNV-4.8:kubevirt-virtctl-redistributable-0:4.8.3-251.el7.x86_64",
"8Base-CNV-4.8:kubevirt-0:4.8.3-251.el8.src",
"8Base-CNV-4.8:kubevirt-virtctl-0:4.8.3-251.el8.x86_64",
"8Base-CNV-4.8:kubevirt-virtctl-redistributable-0:4.8.3-251.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
}
]
}
rhsa-2021_4725
Vulnerability from csaf_redhat
Published
2021-11-17 18:39
Modified
2024-09-18 14:39
Summary
Red Hat Security Advisory: OpenShift Virtualization 2.6.8 Images security and bug fix update
Notes
Topic
Red Hat OpenShift Virtualization release 2.6.8 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains the following OpenShift Virtualization 2.6.8 images:
RHEL-8-CNV-2.6
==============
kubevirt-v2v-conversion-container-v2.6.8-1
hyperconverged-cluster-webhook-container-v2.6.8-1
vm-import-controller-container-v2.6.8-1
kubevirt-cpu-model-nfd-plugin-container-v2.6.8-2
vm-import-operator-container-v2.6.8-1
kubevirt-cpu-node-labeller-container-v2.6.8-1
kubevirt-ssp-operator-container-v2.6.8-1
kubemacpool-container-v2.6.8-1
cluster-network-addons-operator-container-v2.6.8-1
virt-cdi-cloner-container-v2.6.8-1
virt-cdi-uploadproxy-container-v2.6.8-1
kubernetes-nmstate-handler-container-v2.6.8-1
ovs-cni-plugin-container-v2.6.8-1
ovs-cni-marker-container-v2.6.8-1
hostpath-provisioner-operator-container-v2.6.8-1
kubevirt-vmware-container-v2.6.8-2
kubevirt-template-validator-container-v2.6.8-2
kubevirt-kvm-info-nfd-plugin-container-v2.6.8-1
node-maintenance-operator-container-v2.6.8-1
vm-import-virtv2v-container-v2.6.8-1
hostpath-provisioner-container-v2.6.8-1
virt-cdi-uploadserver-container-v2.6.8-1
cnv-containernetworking-plugins-container-v2.6.8-1
virtio-win-container-v2.6.8-2
virt-cdi-controller-container-v2.6.8-1
virt-cdi-importer-container-v2.6.8-1
virt-cdi-apiserver-container-v2.6.8-1
virt-cdi-operator-container-v2.6.8-1
bridge-marker-container-v2.6.8-1
hyperconverged-cluster-operator-container-v2.6.8-1
cnv-must-gather-container-v2.6.8-5
virt-launcher-container-v2.6.8-5
virt-operator-container-v2.6.8-5
virt-api-container-v2.6.8-5
virt-controller-container-v2.6.8-5
virt-handler-container-v2.6.8-5
hco-bundle-registry-container-v2.6.8-23
Security Fix(es):
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release 2.6.8 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 2.6.8 images:\n\nRHEL-8-CNV-2.6\n==============\nkubevirt-v2v-conversion-container-v2.6.8-1\nhyperconverged-cluster-webhook-container-v2.6.8-1\nvm-import-controller-container-v2.6.8-1\nkubevirt-cpu-model-nfd-plugin-container-v2.6.8-2\nvm-import-operator-container-v2.6.8-1\nkubevirt-cpu-node-labeller-container-v2.6.8-1\nkubevirt-ssp-operator-container-v2.6.8-1\nkubemacpool-container-v2.6.8-1\ncluster-network-addons-operator-container-v2.6.8-1\nvirt-cdi-cloner-container-v2.6.8-1\nvirt-cdi-uploadproxy-container-v2.6.8-1\nkubernetes-nmstate-handler-container-v2.6.8-1\novs-cni-plugin-container-v2.6.8-1\novs-cni-marker-container-v2.6.8-1\nhostpath-provisioner-operator-container-v2.6.8-1\nkubevirt-vmware-container-v2.6.8-2\nkubevirt-template-validator-container-v2.6.8-2\nkubevirt-kvm-info-nfd-plugin-container-v2.6.8-1\nnode-maintenance-operator-container-v2.6.8-1\nvm-import-virtv2v-container-v2.6.8-1\nhostpath-provisioner-container-v2.6.8-1\nvirt-cdi-uploadserver-container-v2.6.8-1\ncnv-containernetworking-plugins-container-v2.6.8-1\nvirtio-win-container-v2.6.8-2\nvirt-cdi-controller-container-v2.6.8-1\nvirt-cdi-importer-container-v2.6.8-1\nvirt-cdi-apiserver-container-v2.6.8-1\nvirt-cdi-operator-container-v2.6.8-1\nbridge-marker-container-v2.6.8-1\nhyperconverged-cluster-operator-container-v2.6.8-1\ncnv-must-gather-container-v2.6.8-5\nvirt-launcher-container-v2.6.8-5\nvirt-operator-container-v2.6.8-5\nvirt-api-container-v2.6.8-5\nvirt-controller-container-v2.6.8-5\nvirt-handler-container-v2.6.8-5\nhco-bundle-registry-container-v2.6.8-23\n\nSecurity Fix(es):\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:4725",
"url": "https://access.redhat.com/errata/RHSA-2021:4725"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "1998844",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1998844"
},
{
"category": "external",
"summary": "2008522",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008522"
},
{
"category": "external",
"summary": "2010334",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010334"
},
{
"category": "external",
"summary": "2012328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2012328"
},
{
"category": "external",
"summary": "2013494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013494"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_4725.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization 2.6.8 Images security and bug fix update",
"tracking": {
"current_release_date": "2024-09-18T14:39:53+00:00",
"generator": {
"date": "2024-09-18T14:39:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:4725",
"initial_release_date": "2021-11-17T18:39:29+00:00",
"revision_history": [
{
"date": "2021-11-17T18:39:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-11-17T18:39:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:39:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 2.6 for RHEL 8",
"product": {
"name": "CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:2.6::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"product_id": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-cpu-model-nfd-plugin\u0026tag=v2.6.8-2"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"product_id": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-cpu-node-labeller\u0026tag=v2.6.8-1"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"product_id": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-kvm-info-nfd-plugin\u0026tag=v2.6.8-1"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"product": {
"name": "container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"product_id": "container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller\u0026tag=v2.6.8-1"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"product": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"product_id": "container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller-rhel8\u0026tag=v2.6.8-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
},
"product_reference": "container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
},
"product_reference": "container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64"
],
"known_not_affected": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-34558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1983596"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate\u0027s private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0\u20131.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This vulnerability potentially affects any component written in Go that uses crypto/tls from the standard library. It is possible for components that make client connections to malicious servers to be exploited, however the maximum impact is a crash. This vulnerability is rated Low for the following components: \n - OpenShift Container Platform\n - OpenShift distributed tracing (formerly OpenShift Jaeger)\n - OpenShift Migration Toolkit for Containers\n - Red Hat Advanced Cluster Management for Kubernetes\n - Red Hat OpenShift on AWS\n - Red Hat OpenShift Virtualization\n\n* Because OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34558"
},
{
"category": "external",
"summary": "RHBZ#1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.15.minor",
"url": "https://golang.org/doc/devel/release#go1.15.minor"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.16.minor",
"url": "https://golang.org/doc/devel/release#go1.16.minor"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic"
}
]
}
rhsa-2022_0988
Vulnerability from csaf_redhat
Published
2022-03-24 10:59
Modified
2024-09-18 14:40
Summary
Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (golang-github-vbatts-tar-split) security update
Notes
Topic
An update for golang-github-vbatts-tar-split is now available for Red Hat
OpenStack Platform 16.1 (Train).
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Security Fix(es):
* net: incorrect parsing of extraneous zero characters at the beginning of
an IP address octet (CVE-2021-29923)
* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for golang-github-vbatts-tar-split is now available for Red Hat\nOpenStack Platform 16.1 (Train).\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Security Fix(es):\n\n* net: incorrect parsing of extraneous zero characters at the beginning of\nan IP address octet (CVE-2021-29923)\n* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0988",
"url": "https://access.redhat.com/errata/RHSA-2022:0988"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "2020629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020629"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_0988.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (golang-github-vbatts-tar-split) security update",
"tracking": {
"current_release_date": "2024-09-18T14:40:37+00:00",
"generator": {
"date": "2024-09-18T14:40:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:0988",
"initial_release_date": "2022-03-24T10:59:08+00:00",
"revision_history": [
{
"date": "2022-03-24T10:59:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-03-24T10:59:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:40:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 16.1",
"product": {
"name": "Red Hat OpenStack Platform 16.1",
"product_id": "8Base-RHOS-16.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:16.1::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"product": {
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"product_id": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-vbatts-tar-split@0.11.1-6.el8ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64",
"product": {
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64",
"product_id": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-vbatts-tar-split@0.11.1-6.el8ost?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"product": {
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"product_id": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-vbatts-tar-split@0.11.1-6.el8ost?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.1",
"product_id": "8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le"
},
"product_reference": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src as a component of Red Hat OpenStack Platform 16.1",
"product_id": "8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src"
},
"product_reference": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"relates_to_product_reference": "8Base-RHOS-16.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.1",
"product_id": "8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
},
"product_reference": "golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0988"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-34558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1983596"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate\u0027s private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0\u20131.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This vulnerability potentially affects any component written in Go that uses crypto/tls from the standard library. It is possible for components that make client connections to malicious servers to be exploited, however the maximum impact is a crash. This vulnerability is rated Low for the following components: \n - OpenShift Container Platform\n - OpenShift distributed tracing (formerly OpenShift Jaeger)\n - OpenShift Migration Toolkit for Containers\n - Red Hat Advanced Cluster Management for Kubernetes\n - Red Hat OpenShift on AWS\n - Red Hat OpenShift Virtualization\n\n* Because OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34558"
},
{
"category": "external",
"summary": "RHBZ#1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.15.minor",
"url": "https://golang.org/doc/devel/release#go1.15.minor"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.16.minor",
"url": "https://golang.org/doc/devel/release#go1.16.minor"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0988"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.ppc64le",
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.src",
"8Base-RHOS-16.1:golang-github-vbatts-tar-split-0:0.11.1-6.el8ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic"
}
]
}
rhsa-2022_1372
Vulnerability from csaf_redhat
Published
2022-04-13 18:48
Modified
2024-09-18 14:41
Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.10.0 enhancement, security & bug fix update
Notes
Topic
Updated images that include numerous enhancements, security, and bug fixes
are now available for Red Hat OpenShift Data Foundation 4.10.0 on Red Hat
Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.
Security Fix(es):
* golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)
* golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717)
* golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)
* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)
Bug Fix(es):
These updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:
https://access.redhat.com//documentation/en-us/red_hat_openshift_data_foundation/4.10/html/4.10_release_notes/index
All Red Hat OpenShift Data Foundation users are advised to upgrade to these updated packages, which provide numerous bug fixes and enhancements.
or more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information refer to the CVE
page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images that include numerous enhancements, security, and bug fixes\nare now available for Red Hat OpenShift Data Foundation 4.10.0 on Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.\n\nSecurity Fix(es):\n* golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)\n* golang: syscall: don\u0027t close fd 0 on ForkExec error (CVE-2021-44717)\n* golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)\n* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)\n\nBug Fix(es):\nThese updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com//documentation/en-us/red_hat_openshift_data_foundation/4.10/html/4.10_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated packages, which provide numerous bug fixes and enhancements.\n\nor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information refer to the CVE\npage(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:1372",
"url": "https://access.redhat.com/errata/RHSA-2022:1372"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1898988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898988"
},
{
"category": "external",
"summary": "1954708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954708"
},
{
"category": "external",
"summary": "1956418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956418"
},
{
"category": "external",
"summary": "1970123",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970123"
},
{
"category": "external",
"summary": "1972190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1972190"
},
{
"category": "external",
"summary": "1974344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974344"
},
{
"category": "external",
"summary": "1981341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981341"
},
{
"category": "external",
"summary": "1981694",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981694"
},
{
"category": "external",
"summary": "1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "1991462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991462"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "1995656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
},
{
"category": "external",
"summary": "1996830",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1996830"
},
{
"category": "external",
"summary": "1996833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1996833"
},
{
"category": "external",
"summary": "1999689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999689"
},
{
"category": "external",
"summary": "1999952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999952"
},
{
"category": "external",
"summary": "2003532",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003532"
},
{
"category": "external",
"summary": "2005801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005801"
},
{
"category": "external",
"summary": "2005919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005919"
},
{
"category": "external",
"summary": "2021313",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021313"
},
{
"category": "external",
"summary": "2022424",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2022424"
},
{
"category": "external",
"summary": "2022693",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2022693"
},
{
"category": "external",
"summary": "2024107",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024107"
},
{
"category": "external",
"summary": "2024545",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024545"
},
{
"category": "external",
"summary": "2026007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026007"
},
{
"category": "external",
"summary": "2027666",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027666"
},
{
"category": "external",
"summary": "2027826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027826"
},
{
"category": "external",
"summary": "2028559",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028559"
},
{
"category": "external",
"summary": "2029413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029413"
},
{
"category": "external",
"summary": "2030602",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030602"
},
{
"category": "external",
"summary": "2030787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030787"
},
{
"category": "external",
"summary": "2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "external",
"summary": "2030806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
},
{
"category": "external",
"summary": "2030839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030839"
},
{
"category": "external",
"summary": "2031023",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031023"
},
{
"category": "external",
"summary": "2031705",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031705"
},
{
"category": "external",
"summary": "2032404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032404"
},
{
"category": "external",
"summary": "2032412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032412"
},
{
"category": "external",
"summary": "2032656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032656"
},
{
"category": "external",
"summary": "2032969",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032969"
},
{
"category": "external",
"summary": "2032984",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032984"
},
{
"category": "external",
"summary": "2033251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2033251"
},
{
"category": "external",
"summary": "2034003",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034003"
},
{
"category": "external",
"summary": "2034805",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034805"
},
{
"category": "external",
"summary": "2034904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034904"
},
{
"category": "external",
"summary": "2035774",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035774"
},
{
"category": "external",
"summary": "2035995",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035995"
},
{
"category": "external",
"summary": "2036018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036018"
},
{
"category": "external",
"summary": "2036211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2036211"
},
{
"category": "external",
"summary": "2037279",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037279"
},
{
"category": "external",
"summary": "2037318",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037318"
},
{
"category": "external",
"summary": "2037497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037497"
},
{
"category": "external",
"summary": "2038884",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038884"
},
{
"category": "external",
"summary": "2039240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039240"
},
{
"category": "external",
"summary": "2040682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040682"
},
{
"category": "external",
"summary": "2041507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041507"
},
{
"category": "external",
"summary": "2042866",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2042866"
},
{
"category": "external",
"summary": "2043017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043017"
},
{
"category": "external",
"summary": "2043028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043028"
},
{
"category": "external",
"summary": "2043406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043406"
},
{
"category": "external",
"summary": "2043513",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043513"
},
{
"category": "external",
"summary": "2044447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044447"
},
{
"category": "external",
"summary": "2044823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044823"
},
{
"category": "external",
"summary": "2045084",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2045084"
},
{
"category": "external",
"summary": "2046186",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046186"
},
{
"category": "external",
"summary": "2046254",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046254"
},
{
"category": "external",
"summary": "2046677",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046677"
},
{
"category": "external",
"summary": "2046766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046766"
},
{
"category": "external",
"summary": "2046887",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046887"
},
{
"category": "external",
"summary": "2047162",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047162"
},
{
"category": "external",
"summary": "2047201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047201"
},
{
"category": "external",
"summary": "2047562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047562"
},
{
"category": "external",
"summary": "2047565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047565"
},
{
"category": "external",
"summary": "2047625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047625"
},
{
"category": "external",
"summary": "2047632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047632"
},
{
"category": "external",
"summary": "2047642",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047642"
},
{
"category": "external",
"summary": "2048107",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048107"
},
{
"category": "external",
"summary": "2048370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048370"
},
{
"category": "external",
"summary": "2048458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048458"
},
{
"category": "external",
"summary": "2049029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049029"
},
{
"category": "external",
"summary": "2049075",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049075"
},
{
"category": "external",
"summary": "2049081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049081"
},
{
"category": "external",
"summary": "2049424",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049424"
},
{
"category": "external",
"summary": "2049509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049509"
},
{
"category": "external",
"summary": "2049718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049718"
},
{
"category": "external",
"summary": "2049727",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049727"
},
{
"category": "external",
"summary": "2049771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049771"
},
{
"category": "external",
"summary": "2049790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049790"
},
{
"category": "external",
"summary": "2050056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050056"
},
{
"category": "external",
"summary": "2050142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050142"
},
{
"category": "external",
"summary": "2050402",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050402"
},
{
"category": "external",
"summary": "2050483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050483"
},
{
"category": "external",
"summary": "2051249",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051249"
},
{
"category": "external",
"summary": "2051406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051406"
},
{
"category": "external",
"summary": "2051599",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051599"
},
{
"category": "external",
"summary": "2051913",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051913"
},
{
"category": "external",
"summary": "2052027",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052027"
},
{
"category": "external",
"summary": "2052438",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052438"
},
{
"category": "external",
"summary": "2052937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052937"
},
{
"category": "external",
"summary": "2052996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052996"
},
{
"category": "external",
"summary": "2053156",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053156"
},
{
"category": "external",
"summary": "2053517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053517"
},
{
"category": "external",
"summary": "2054147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2054147"
},
{
"category": "external",
"summary": "2054755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2054755"
},
{
"category": "external",
"summary": "2061251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061251"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_1372.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.10.0 enhancement, security \u0026 bug fix update",
"tracking": {
"current_release_date": "2024-09-18T14:41:17+00:00",
"generator": {
"date": "2024-09-18T14:41:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:1372",
"initial_release_date": "2022-04-13T18:48:58+00:00",
"revision_history": [
{
"date": "2022-04-13T18:48:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-04-13T18:48:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T14:41:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHODF 4.10 for RHEL 8",
"product": {
"name": "RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_data_foundation:4.10::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Data Foundation"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"product": {
"name": "odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"product_id": "odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=v4.10.0-35"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"product": {
"name": "odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"product_id": "odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel8\u0026tag=v4.10.0-12"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"product_id": "odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"product": {
"name": "odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"product_id": "odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel8-operator\u0026tag=v4.10.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"product": {
"name": "odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"product_id": "odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=v4.10.0-56"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"product_id": "odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"product": {
"name": "odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"product_id": "odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=v4.10.0-58"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"product": {
"name": "odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"product_id": "odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=v4.10.0-27"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"product": {
"name": "odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"product_id": "odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel8-operator\u0026tag=v4.10.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"product_id": "odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel8\u0026tag=v4.10.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"product": {
"name": "odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"product_id": "odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-lvm-must-gather-rhel8\u0026tag=v4.10.0-13"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"product": {
"name": "odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"product_id": "odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-lvm-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"product": {
"name": "odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"product_id": "odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-lvm-rhel8-operator\u0026tag=v4.10.0-32"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"product": {
"name": "odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"product_id": "odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=v4.10.0-32"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"product": {
"name": "odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"product_id": "odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"product": {
"name": "odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"product_id": "odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=v4.10.0-27"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"product": {
"name": "odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"product_id": "odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-topolvm-rhel8\u0026tag=v4.10.0-16"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"product_id": "odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"product": {
"name": "odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"product_id": "odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=v4.10.0-26"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"product": {
"name": "odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"product_id": "odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=v4.10.0-54"
}
}
},
{
"category": "product_version",
"name": "odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"product": {
"name": "odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"product_id": "odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb?arch=s390x\u0026repository_url=registry.redhat.io/odf4/volume-replication-rhel8-operator\u0026tag=v4.10.0-11"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"product": {
"name": "odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"product_id": "odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=v4.10.0-35"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"product": {
"name": "odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"product_id": "odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel8\u0026tag=v4.10.0-12"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"product_id": "odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"product": {
"name": "odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"product_id": "odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel8-operator\u0026tag=v4.10.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"product": {
"name": "odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"product_id": "odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=v4.10.0-56"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"product_id": "odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"product": {
"name": "odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"product_id": "odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=v4.10.0-58"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"product": {
"name": "odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"product_id": "odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=v4.10.0-27"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"product": {
"name": "odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"product_id": "odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel8-operator\u0026tag=v4.10.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel8\u0026tag=v4.10.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"product": {
"name": "odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"product_id": "odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-lvm-must-gather-rhel8\u0026tag=v4.10.0-13"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"product": {
"name": "odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"product_id": "odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-lvm-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"product": {
"name": "odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"product_id": "odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-lvm-rhel8-operator\u0026tag=v4.10.0-32"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"product": {
"name": "odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"product_id": "odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=v4.10.0-32"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"product": {
"name": "odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"product_id": "odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"product": {
"name": "odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"product_id": "odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=v4.10.0-27"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"product": {
"name": "odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"product_id": "odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-topolvm-rhel8\u0026tag=v4.10.0-16"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"product_id": "odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"product": {
"name": "odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"product_id": "odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=v4.10.0-26"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"product": {
"name": "odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"product_id": "odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=v4.10.0-54"
}
}
},
{
"category": "product_version",
"name": "odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64",
"product": {
"name": "odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64",
"product_id": "odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64",
"product_identification_helper": {
"purl": "pkg:oci/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857?arch=amd64\u0026repository_url=registry.redhat.io/odf4/volume-replication-rhel8-operator\u0026tag=v4.10.0-11"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"product_id": "odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=v4.10.0-35"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"product": {
"name": "odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"product_id": "odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel8\u0026tag=v4.10.0-12"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"product_id": "odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"product": {
"name": "odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"product_id": "odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel8-operator\u0026tag=v4.10.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"product": {
"name": "odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"product_id": "odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=v4.10.0-56"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"product_id": "odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"product": {
"name": "odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"product_id": "odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=v4.10.0-58"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"product": {
"name": "odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"product_id": "odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=v4.10.0-27"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"product_id": "odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel8-operator\u0026tag=v4.10.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"product_id": "odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel8\u0026tag=v4.10.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"product": {
"name": "odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"product_id": "odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-lvm-must-gather-rhel8\u0026tag=v4.10.0-13"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"product": {
"name": "odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"product_id": "odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-lvm-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"product": {
"name": "odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"product_id": "odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-lvm-rhel8-operator\u0026tag=v4.10.0-32"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"product": {
"name": "odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"product_id": "odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=v4.10.0-32"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"product": {
"name": "odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"product_id": "odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"product": {
"name": "odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"product_id": "odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=v4.10.0-27"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"product": {
"name": "odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"product_id": "odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-topolvm-rhel8\u0026tag=v4.10.0-16"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"product_id": "odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.10.0-221"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"product": {
"name": "odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"product_id": "odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=v4.10.0-26"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"product": {
"name": "odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"product_id": "odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=v4.10.0-54"
}
}
},
{
"category": "product_version",
"name": "odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"product": {
"name": "odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"product_id": "odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/volume-replication-rhel8-operator\u0026tag=v4.10.0-11"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x"
},
"product_reference": "odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64"
},
"product_reference": "odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64"
},
"product_reference": "odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le"
},
"product_reference": "odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x"
},
"product_reference": "odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le"
},
"product_reference": "odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x"
},
"product_reference": "odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64"
},
"product_reference": "odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le"
},
"product_reference": "odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64"
},
"product_reference": "odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x"
},
"product_reference": "odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64"
},
"product_reference": "odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x"
},
"product_reference": "odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le"
},
"product_reference": "odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le"
},
"product_reference": "odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x"
},
"product_reference": "odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64"
},
"product_reference": "odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64"
},
"product_reference": "odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x"
},
"product_reference": "odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x"
},
"product_reference": "odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le"
},
"product_reference": "odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64"
},
"product_reference": "odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64"
},
"product_reference": "odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x"
},
"product_reference": "odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le"
},
"product_reference": "odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x"
},
"product_reference": "odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le"
},
"product_reference": "odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64"
},
"product_reference": "odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le"
},
"product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64"
},
"product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x"
},
"product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x"
},
"product_reference": "odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le"
},
"product_reference": "odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64"
},
"product_reference": "odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le"
},
"product_reference": "odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64"
},
"product_reference": "odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x"
},
"product_reference": "odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64"
},
"product_reference": "odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le"
},
"product_reference": "odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x"
},
"product_reference": "odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64"
},
"product_reference": "odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x"
},
"product_reference": "odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le"
},
"product_reference": "odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x"
},
"product_reference": "odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64"
},
"product_reference": "odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le"
},
"product_reference": "odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le"
},
"product_reference": "odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x"
},
"product_reference": "odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"relates_to_product_reference": "8Base-RHODF-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64 as a component of RHODF 4.10 for RHEL 8",
"product_id": "8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
},
"product_reference": "odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64",
"relates_to_product_reference": "8Base-RHODF-4.10"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1372"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-34558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1983596"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate\u0027s private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0\u20131.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This vulnerability potentially affects any component written in Go that uses crypto/tls from the standard library. It is possible for components that make client connections to malicious servers to be exploited, however the maximum impact is a crash. This vulnerability is rated Low for the following components: \n - OpenShift Container Platform\n - OpenShift distributed tracing (formerly OpenShift Jaeger)\n - OpenShift Migration Toolkit for Containers\n - Red Hat Advanced Cluster Management for Kubernetes\n - Red Hat OpenShift on AWS\n - Red Hat OpenShift Virtualization\n\n* Because OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34558"
},
{
"category": "external",
"summary": "RHBZ#1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.15.minor",
"url": "https://golang.org/doc/devel/release#go1.15.minor"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.16.minor",
"url": "https://golang.org/doc/devel/release#go1.16.minor"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1372"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic"
},
{
"cve": "CVE-2021-36221",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-08-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995656"
}
],
"notes": [
{
"category": "description",
"text": "A race condition flaw was found in Go. The incoming requests body weren\u0027t closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the impacted RHOSP packages.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF1.3, no update will be provided at this time for the STF1.3 sg-core-container. Additionally, because Service Telemetry Framework1.2 will be retiring soon, no update will be provided at this time for the STF1.2 smart-gateway-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36221"
},
{
"category": "external",
"summary": "RHBZ#1995656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk",
"url": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1372"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic"
},
{
"cve": "CVE-2021-43565",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-12-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030787"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s an input validation flaw in golang.org/x/crypto\u0027s readCipherPacket() function. An unauthenticated attacker who sends an empty plaintext packet to a program linked with golang.org/x/crypto/ssh could cause a panic, potentially leading to denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto: empty plaintext packet causes panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "go-toolset shipped with Red Hat Developer Tools - Compilers and golang shipped with Red Hat Enterprise Linux 8 are not affected by this flaw because they do not ship the vulnerable code.\n\nThis flaw was rated to have a Moderate impact because it is not shipped in the Golang standard library and thus has a reduced impact to products compared with other flaws of this type.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-43565"
},
{
"category": "external",
"summary": "RHBZ#2030787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030787"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-43565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43565"
}
],
"release_date": "2021-12-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1372"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/crypto: empty plaintext packet causes panic"
},
{
"cve": "CVE-2021-44716",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030801"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s an uncontrolled resource consumption flaw in golang\u0027s net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http\u0027s http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: limit growth of header canonicalization cache",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For OpenShift Container Platform, OpenShift Virtualization, Red Hat Quay and OpenShift distributed tracing the most an attacker can possibly achieve by exploiting this vulnerability is to crash a container, temporarily impacting availability of one or more services. Therefore impact is rated Moderate.\n\nIn its default configuration, grafana as shipped in Red Hat Enterprise Linux 8 is not affected by this vulnerability. However, enabling http2 in /etc/grafana/grafana.ini explicitly would render grafana affected, therefore grafana has been marked affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44716"
},
{
"category": "external",
"summary": "RHBZ#2030801",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1372"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling HTTP/2. Setting the GODEBUG=http2server=0 environment variable before calling Serve will disable HTTP/2 unless it was manually configured through the golang.org/x/net/http2 package.",
"product_ids": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http: limit growth of header canonicalization cache"
},
{
"cve": "CVE-2021-44717",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2030806"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a flaw in golang\u0027s syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: syscall: don\u0027t close fd 0 on ForkExec error",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This flaw has had the severity level set to Moderate due to the attack complexity required to exhaust file descriptors at the time ForkExec is called, plus an attacker does not necessarily have direct control over where/how data is leaked.\n\n* For Service Telemetry Framework, because the flaw\u0027s impact is lower, no update will be provided at this time for its containers.\n\n* runc shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this flaw because the flaw is already patched in the shipped versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44717"
},
{
"category": "external",
"summary": "RHBZ#2030806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
"url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
}
],
"release_date": "2021-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1372"
},
{
"category": "workaround",
"details": "This bug can be mitigated by raising the per-process file descriptor limit.",
"product_ids": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:9de4f6848556d362dab3fcc534a6e7098649b353139d1b8d796317b8474125c2_s390x",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:d828aab4db3bb853a9c2be53ef65e968e7dca8faacb480e9c6802093181a8f16_amd64",
"8Base-RHODF-4.10:odf4/cephcsi-rhel8@sha256:f41411e6c6d65e52a3e3bb6cf3582116646e8ebc4ae9bf8eac77a00433855b20_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4338ea20fce25b664e880066144a5de7769623373cbfde1f46666aace4d9b855_amd64",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:4ed1db89bdd6150f28721a3c18bcfa7e221b1b621c12ae8830fd35923dea08ca_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-core-rhel8@sha256:f2a35675f04b3852dadbea99fef57dcc85ab5670929f7b0d52981e227047123c_s390x",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:983c8661518fe3efa01e5d64b389043ac856f013b4ec346d5da252848d8b2252_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:e1ae5ed85e17ad3cdbdc5049f5c3064f2616c5a6f445ec9d38e7f915d494776b_amd64",
"8Base-RHODF-4.10:odf4/mcg-operator-bundle@sha256:eb454980189ece047c2d97046f77ed67877ff0d6a17ea52621f28d9fba702d28_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:4a4bd7a6b537d75aaa982c308eedc805809c2576f5d75498a432991c7e199534_ppc64le",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:ae593d312597211d35a2d89cefdcf879eb1db1eac9bfdc76c756be78b111b5e7_s390x",
"8Base-RHODF-4.10:odf4/mcg-rhel8-operator@sha256:e6162ae89bf73e29c304080e868d47f13c46e389c6f2f6bde856ebeda20306f5_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:09a8a3da7024fbd081caff8cd62c67c898beade0597ff0656d0994daa08b4166_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:3a6619c418c74824b6a69dfce26f2070aae8b7d56b7cea756ab68d5e2c459e07_amd64",
"8Base-RHODF-4.10:odf4/ocs-must-gather-rhel8@sha256:d9332ec67415a78d38ee60b7d15c63475693590160caeb461767683b0dd21751_s390x",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:7cebd714435a398ade4f686d2943786d8485ea5333f5b16365991ae49303f097_ppc64le",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a640d9395a7dad7c5d2306af3ba60a3430358e705b647ebf272e38e27282ad4c_amd64",
"8Base-RHODF-4.10:odf4/ocs-operator-bundle@sha256:a70904f7570095a0721e5fcf7bc4fe1c431112f6ef4437d1b5ed67f8462d7926_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:32a1d52cfc7b91c0186e5423245bd06e525c6890ed77bca7335e56c48e2cd86b_amd64",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:9759e45e271ef502e2ed6f7e12dc2ecb10e39fc0cd22e195f7d47edec39ff0fd_s390x",
"8Base-RHODF-4.10:odf4/ocs-rhel8-operator@sha256:a3b3a3e9a8332d3b5d5137ff89e1843e6506507c2ebb069c9a7bbfcd03dfdd42_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:1d988be397cae4aad67a43534a2875edbee24135ba549549156fb8aa883f22a6_ppc64le",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:54f6bca97f44b76c065bbaed5915a97693ce1ea1a3f3a1cf65c610ff81622f3c_s390x",
"8Base-RHODF-4.10:odf4/odf-console-rhel8@sha256:7c89981748d38fafa31c8a8d624381db9c14c07160de7bc13588a0b0e3673b33_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:84407db398089fe2b60b83f4cbd94fd30581d928d6edf614de5d34cec3f21014_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:c7e57040123bc4ef58444a7b2bbf076588876c56f8903e57a3646db0c4c430ca_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-operator-bundle@sha256:cca6c8289d099a0c6ad92387991089058f344d9fe33c63535898023e182856dc_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:c2a30fc5971995e4c3bf90f7c56733d74a3af9f3e59978d4705a3eee5d0b565a_amd64",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:e7daa827ed079b6f60419beebdf9a5adab484c5617edc6ed51ff4deb8e7ce735_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-rhel8-operator@sha256:fb700cd42c272775cdba1e9aab83572b48d8320d2de595f8b2dc9281b477b7cb_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:57d765f210d5aadc288a5ea5b8229effd18874e10ba7ae6a5fbbe53d745796e5_s390x",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:7da72672ed9f83988c559614794b5368093e28de7ec218a793b103c86be1490b_ppc64le",
"8Base-RHODF-4.10:odf4/odf-csi-addons-sidecar-rhel8@sha256:d7f0286b395ff43611c591c1406a2f37821246a5543d24acfb92ccf622384fba_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:5cdee3d267742de595ad057858f43021938079d345e8f58a6eee892d78634c74_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:7c40a459ec0ef75b13dd63dae970688b4cf625f339f84c4d01600d41920a1510_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-must-gather-rhel8@sha256:f8c68e2a9112fadacfe4f3b9f9f6ceab32a72052b684a3402412a764618e8a9e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:257ca6d222964bd18c4d7b05531623696cda01108b5362a6e97a6c05efe71c8e_amd64",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:e9c083cd238fb4fee2c0ac5baca54d863487084e64288f75d7d94435eb772706_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-operator-bundle@sha256:f7cccdf83a047aa3cf59820c58bbf0d76ed1bf7e986b1a830d8eff2a145c21bc_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:4bd043601f813edae2aef686e907de2c1cb7799b375d60abe22af4c6229e1c20_s390x",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:76c90e7ac58c1fdb8a5d01a229f010ec517ea9d8c906fb4ce0eb0cd73a37a97d_ppc64le",
"8Base-RHODF-4.10:odf4/odf-lvm-rhel8-operator@sha256:afa1f9113288540b9b273b80af6d41792aece2cdace2f9503a4f55e780fb3549_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:75382a495f60b766fa9eda0655ffbb0f71ee4cdae97460b57b6a4aeb5c05f002_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:bba27843af4366260fc01c4c67652bc8e84c038e2bbc69274cb090f6048ef448_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-operator-bundle@sha256:ca24dab680c6cc31c1ff20db6b428cfc312f33ba318c2bb2de11625b72dd6390_s390x",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:19ff08d09066658e51074527f75e194873b3351b6cb0bb47207c21bb537a4eef_ppc64le",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:9ef5cfb21028838a9c30b0e593e1b05a205046b4592452b1c23b8e257fa3ccb8_amd64",
"8Base-RHODF-4.10:odf4/odf-multicluster-rhel8-operator@sha256:a59a966565220ca1aa6eb95803660949cfa6ed32a64b0c0c561ac229f4c7f6ca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:393e2ce8111ba011a91782b4f47175bb069d762bc14a434a37e10c8a76daabca_s390x",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:8597f6adc1865ab64ba0d42caa2793cf8f44b86251fd53e7a30ec00b3f1cbd20_ppc64le",
"8Base-RHODF-4.10:odf4/odf-operator-bundle@sha256:dc4d9a53dea5573e3020ad5d1ea1018705b6be25294c722d29f57bd90564c58c_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:4ea80063a33a0524cffd54d2ee915332cd0bfafe8e448d1c283a9c80f46b8471_ppc64le",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:73fac885482871f744fcf2e5635be1e10d812845ba122d30446641f11d436099_amd64",
"8Base-RHODF-4.10:odf4/odf-rhel8-operator@sha256:c53e6cb927dc1d241f1466f3d11af80fe64a89a48c215e11c65cb04e08cf35fb_s390x",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:2f872d7bfb2f4655edfe0ba42e70a6a69e90c129342cae2f2ba2d80c169d0afa_amd64",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:346a8438e87d63ac4020310d5226839d261bc483cebe6875bb8a82f166b0a782_ppc64le",
"8Base-RHODF-4.10:odf4/odf-topolvm-rhel8@sha256:609c3b047342f5e6a8132891bb3f049e259a32fe650660adb36c84ccdb63ae3c_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:66d0b4370fc757e1c4cf7733308f6e7a75b7eb8887ef022af68f7174335dde6d_ppc64le",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:df61454d23b0c733a0ba643a07a85915914b56fbbc778a5707331bbac41a2afa_s390x",
"8Base-RHODF-4.10:odf4/odr-cluster-operator-bundle@sha256:fd6d7f3775724702389a2dbd57869f6d9963dddaee3f9d5084992f15bcdde638_amd64",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:35c6cf9f55542331bdf59caade4564cfc83adf79dab83298de1838248a6607ce_s390x",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:733973b032ae9d5a436c6d2fa3b68647224b25ca2d93047bd63770109ba28c8e_ppc64le",
"8Base-RHODF-4.10:odf4/odr-hub-operator-bundle@sha256:bfa02459d18d144adddebcc6ee8f612071065fc0fd5305bdaa2ed4338cbd9382_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:5d683d91aa19544c27311f53c1d7462d138fabe19af490e4e1052220eb34cdb7_amd64",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:8785852f2b30b04ac8696078f6fd8bcefa6e9e5ddc9c37e199b3679f295332fc_s390x",
"8Base-RHODF-4.10:odf4/odr-rhel8-operator@sha256:d96c94c9f9cbb00b882b435c7f30b50ea8f1186ad14c65903a24e840b8ec3a29_ppc64le",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:4d863979f67280825c7a10cbcebc495972e3d0ac58f10f63987706d6f8c8f60f_s390x",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:8fabff5be7802f8de5f1026893ae4f7bafb66a1e1f70df16c667e537ee0bedcd_amd64",
"8Base-RHODF-4.10:odf4/rook-ceph-rhel8-operator@sha256:afb3f630b3215e327122688dc9edf0b651fda692c29a2b861df7357492f54702_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:3808e1084febf2ee4d32e2ae6334c4feb17c1ac57df3c30d514227514cbd4a2c_ppc64le",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:60133217c4f4d5cc1e778e92f7de31a527ff43846aaebe5db6dd5d9978d7c2fb_s390x",
"8Base-RHODF-4.10:odf4/volume-replication-rhel8-operator@sha256:ad89936da3510643ac92087fedfc71965cb4b1e2e1845162f6e04eeb02b5f857_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: syscall: don\u0027t close fd 0 on ForkExec error"
}
]
}
wid-sec-w-2022-0970
Vulnerability from csaf_certbund
Published
2022-04-07 22:00
Modified
2024-05-21 22:00
Summary
Red Hat OpenShift: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0970 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0970.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0970 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0970"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4668 vom 2022-05-19",
"url": "https://access.redhat.com/errata/RHSA-2022:4668"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-04-07",
"url": "https://access.redhat.com/errata/RHSA-2022:1275"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-04-07",
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1679 vom 2022-05-10",
"url": "https://access.redhat.com/errata/RHSA-2022:1679"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9362 vom 2022-05-09",
"url": "https://linux.oracle.com/errata/ELSA-2022-9362.html"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202208-02 vom 2022-08-09",
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-7129 vom 2022-10-26",
"url": "https://linux.oracle.com/errata/ELSA-2022-7129.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7129 vom 2022-10-25",
"url": "https://access.redhat.com/errata/RHSA-2022:7129"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7457 vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7457"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7954 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:7954"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2023-2303 vom 2023-10-20",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2303.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2944 vom 2024-05-21",
"url": "https://access.redhat.com/errata/RHSA-2024:2944"
}
],
"source_lang": "en-US",
"title": "Red Hat OpenShift: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-05-21T22:00:00.000+00:00",
"generator": {
"date": "2024-05-22T08:37:47.134+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2022-0970",
"initial_release_date": "2022-04-07T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-04-07T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-05-10T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-05-18T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-08-09T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2022-10-25T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2022-11-08T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-15T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-10-19T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-05-21T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "9"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Container Platform 4",
"product": {
"name": "Red Hat OpenShift Container Platform 4",
"product_id": "T022509",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4"
}
}
},
{
"category": "product_version_range",
"name": "Service Mesh \u003c2.1.2",
"product": {
"name": "Red Hat OpenShift Service Mesh \u003c2.1.2",
"product_id": "T022580",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:service_mesh__2.1.2"
}
}
},
{
"category": "product_version_range",
"name": "Service Mesh \u003c2.0.9",
"product": {
"name": "Red Hat OpenShift Service Mesh \u003c2.0.9",
"product_id": "T022581",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:service_mesh__2.0.9"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-28851",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00Z",
"title": "CVE-2020-28851"
},
{
"cve": "CVE-2020-28852",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00Z",
"title": "CVE-2020-28852"
},
{
"cve": "CVE-2021-29482",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00Z",
"title": "CVE-2021-29482"
},
{
"cve": "CVE-2021-29923",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00Z",
"title": "CVE-2021-29923"
},
{
"cve": "CVE-2021-3121",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00Z",
"title": "CVE-2021-3121"
},
{
"cve": "CVE-2021-36221",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00Z",
"title": "CVE-2021-36221"
},
{
"cve": "CVE-2021-3749",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00Z",
"title": "CVE-2021-3749"
},
{
"cve": "CVE-2021-43565",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00Z",
"title": "CVE-2021-43565"
},
{
"cve": "CVE-2021-43824",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00Z",
"title": "CVE-2021-43824"
},
{
"cve": "CVE-2021-43825",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00Z",
"title": "CVE-2021-43825"
},
{
"cve": "CVE-2021-43826",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00Z",
"title": "CVE-2021-43826"
},
{
"cve": "CVE-2022-21654",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00Z",
"title": "CVE-2022-21654"
},
{
"cve": "CVE-2022-21655",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00Z",
"title": "CVE-2022-21655"
},
{
"cve": "CVE-2022-23606",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00Z",
"title": "CVE-2022-23606"
},
{
"cve": "CVE-2022-23635",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00Z",
"title": "CVE-2022-23635"
},
{
"cve": "CVE-2022-24726",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten envoy, golang, github.com/gogo/protobuf, Node.js Axios und github.com/ulikunitz/xz. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914",
"T022509"
]
},
"release_date": "2022-04-07T22:00:00Z",
"title": "CVE-2022-24726"
}
]
}
wid-sec-w-2022-1335
Vulnerability from csaf_certbund
Published
2022-09-07 22:00
Modified
2023-05-18 22:00
Summary
Xerox FreeFlow Print Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "FreeFlow-Druckserver ist eine Druckserveranwendung f\u00fcr Xerox-Produktionsdrucker, die Flexibilit\u00e4t, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1335 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1335.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1335 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1335"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX23-007 vom 2023-05-18",
"url": "https://security.business.xerox.com/wp-content/uploads/2023/05/Xerox-Security-Bulletin-XRX23-007-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v7.pdf"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX23-005 vom 2023-04-04",
"url": "https://security.business.xerox.com/wp-content/uploads/2023/04/Xerox-Security-Bulletin-XRX23-005-Xerox%25C2%25AE-FreeFlow%25C2%25AE-Print-Server-v9.pdf"
},
{
"category": "external",
"summary": "Xerox Security Bulletin XRX22-021 vom 2022-09-07",
"url": "https://securitydocs.business.xerox.com/wp-content/uploads/2022/09/Xerox-Security-Bulletin-XRX22-021-FreeFlow-Print-Server-v9.pdf"
}
],
"source_lang": "en-US",
"title": "Xerox FreeFlow Print Server: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-05-18T22:00:00.000+00:00",
"generator": {
"date": "2024-02-15T16:57:44.642+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2022-1335",
"initial_release_date": "2022-09-07T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-09-07T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-04-03T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von XEROX aufgenommen"
},
{
"date": "2023-05-18T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von XEROX aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Xerox FreeFlow Print Server 7",
"product": {
"name": "Xerox FreeFlow Print Server 7",
"product_id": "T000872",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:7"
}
}
},
{
"category": "product_name",
"name": "Xerox FreeFlow Print Server 9",
"product": {
"name": "Xerox FreeFlow Print Server 9",
"product_id": "T002977",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:9"
}
}
},
{
"category": "product_name",
"name": "Xerox FreeFlow Print Server v9",
"product": {
"name": "Xerox FreeFlow Print Server v9",
"product_id": "T015632",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:v9"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25032",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2018-25032"
},
{
"cve": "CVE-2019-19906",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2019-19906"
},
{
"cve": "CVE-2020-0499",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2020-0499"
},
{
"cve": "CVE-2020-25717",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2020-25717"
},
{
"cve": "CVE-2020-29651",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2020-29651"
},
{
"cve": "CVE-2021-0561",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-0561"
},
{
"cve": "CVE-2021-21708",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-21708"
},
{
"cve": "CVE-2021-22946",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-22946"
},
{
"cve": "CVE-2021-25220",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-25220"
},
{
"cve": "CVE-2021-29923",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-29923"
},
{
"cve": "CVE-2021-30809",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-30809"
},
{
"cve": "CVE-2021-30818",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-30818"
},
{
"cve": "CVE-2021-30823",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-30823"
},
{
"cve": "CVE-2021-30836",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-30836"
},
{
"cve": "CVE-2021-30884",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-30884"
},
{
"cve": "CVE-2021-30887",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-30887"
},
{
"cve": "CVE-2021-30888",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-30888"
},
{
"cve": "CVE-2021-30889",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-30889"
},
{
"cve": "CVE-2021-30890",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-30890"
},
{
"cve": "CVE-2021-30897",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-30897"
},
{
"cve": "CVE-2021-30934",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-30934"
},
{
"cve": "CVE-2021-30936",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-30936"
},
{
"cve": "CVE-2021-30951",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-30951"
},
{
"cve": "CVE-2021-30952",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-30952"
},
{
"cve": "CVE-2021-30953",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-30953"
},
{
"cve": "CVE-2021-30954",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-30954"
},
{
"cve": "CVE-2021-30984",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-30984"
},
{
"cve": "CVE-2021-3448",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-3448"
},
{
"cve": "CVE-2021-34558",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-34558"
},
{
"cve": "CVE-2021-36221",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-36221"
},
{
"cve": "CVE-2021-4115",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-4115"
},
{
"cve": "CVE-2021-4136",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-4136"
},
{
"cve": "CVE-2021-4166",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-4166"
},
{
"cve": "CVE-2021-4173",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-4173"
},
{
"cve": "CVE-2021-41771",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-41771"
},
{
"cve": "CVE-2021-41772",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-41772"
},
{
"cve": "CVE-2021-4187",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-4187"
},
{
"cve": "CVE-2021-4192",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-4192"
},
{
"cve": "CVE-2021-4193",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-4193"
},
{
"cve": "CVE-2021-4217",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-4217"
},
{
"cve": "CVE-2021-43519",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-43519"
},
{
"cve": "CVE-2021-43566",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-43566"
},
{
"cve": "CVE-2021-44142",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-44142"
},
{
"cve": "CVE-2021-45444",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-45444"
},
{
"cve": "CVE-2021-45481",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-45481"
},
{
"cve": "CVE-2021-45482",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-45482"
},
{
"cve": "CVE-2021-45483",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-45483"
},
{
"cve": "CVE-2021-45960",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-45960"
},
{
"cve": "CVE-2021-46143",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2021-46143"
},
{
"cve": "CVE-2022-0128",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0128"
},
{
"cve": "CVE-2022-0156",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0156"
},
{
"cve": "CVE-2022-0158",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0158"
},
{
"cve": "CVE-2022-0261",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0261"
},
{
"cve": "CVE-2022-0318",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0318"
},
{
"cve": "CVE-2022-0319",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0319"
},
{
"cve": "CVE-2022-0336",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0336"
},
{
"cve": "CVE-2022-0391",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0391"
},
{
"cve": "CVE-2022-0408",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0408"
},
{
"cve": "CVE-2022-0413",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0413"
},
{
"cve": "CVE-2022-0417",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0417"
},
{
"cve": "CVE-2022-0443",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0443"
},
{
"cve": "CVE-2022-0554",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0554"
},
{
"cve": "CVE-2022-0566",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0566"
},
{
"cve": "CVE-2022-0572",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0572"
},
{
"cve": "CVE-2022-0629",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0629"
},
{
"cve": "CVE-2022-0685",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0685"
},
{
"cve": "CVE-2022-0696",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0696"
},
{
"cve": "CVE-2022-0714",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0714"
},
{
"cve": "CVE-2022-0729",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0729"
},
{
"cve": "CVE-2022-0778",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2022-1097",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-1097"
},
{
"cve": "CVE-2022-1196",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-1196"
},
{
"cve": "CVE-2022-1197",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-1197"
},
{
"cve": "CVE-2022-1271",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-1271"
},
{
"cve": "CVE-2022-1520",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-1520"
},
{
"cve": "CVE-2022-1834",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-1834"
},
{
"cve": "CVE-2022-21245",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21245"
},
{
"cve": "CVE-2022-21270",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21270"
},
{
"cve": "CVE-2022-21291",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21291"
},
{
"cve": "CVE-2022-21303",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21303"
},
{
"cve": "CVE-2022-21304",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21304"
},
{
"cve": "CVE-2022-21344",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21344"
},
{
"cve": "CVE-2022-21349",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21349"
},
{
"cve": "CVE-2022-21367",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21367"
},
{
"cve": "CVE-2022-21426",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21426"
},
{
"cve": "CVE-2022-21434",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21434"
},
{
"cve": "CVE-2022-21443",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21443"
},
{
"cve": "CVE-2022-21449",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21449"
},
{
"cve": "CVE-2022-21476",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21476"
},
{
"cve": "CVE-2022-21493",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21493"
},
{
"cve": "CVE-2022-21494",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21494"
},
{
"cve": "CVE-2022-21496",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21496"
},
{
"cve": "CVE-2022-21514",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21514"
},
{
"cve": "CVE-2022-21524",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21524"
},
{
"cve": "CVE-2022-21533",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21533"
},
{
"cve": "CVE-2022-21712",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21712"
},
{
"cve": "CVE-2022-21716",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-21716"
},
{
"cve": "CVE-2022-22589",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-22589"
},
{
"cve": "CVE-2022-22590",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-22590"
},
{
"cve": "CVE-2022-22592",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-22592"
},
{
"cve": "CVE-2022-22620",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-22620"
},
{
"cve": "CVE-2022-22719",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-22719"
},
{
"cve": "CVE-2022-22720",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-22720"
},
{
"cve": "CVE-2022-22721",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-22721"
},
{
"cve": "CVE-2022-22818",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-22818"
},
{
"cve": "CVE-2022-22822",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-22822"
},
{
"cve": "CVE-2022-22823",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-22823"
},
{
"cve": "CVE-2022-22824",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-22824"
},
{
"cve": "CVE-2022-22825",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-22825"
},
{
"cve": "CVE-2022-22826",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-22826"
},
{
"cve": "CVE-2022-22827",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-22827"
},
{
"cve": "CVE-2022-23308",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-23308"
},
{
"cve": "CVE-2022-23772",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-23772"
},
{
"cve": "CVE-2022-23773",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-23773"
},
{
"cve": "CVE-2022-23806",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-23806"
},
{
"cve": "CVE-2022-23833",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-23833"
},
{
"cve": "CVE-2022-23852",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-23852"
},
{
"cve": "CVE-2022-23943",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-23943"
},
{
"cve": "CVE-2022-23990",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-23990"
},
{
"cve": "CVE-2022-24130",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-24130"
},
{
"cve": "CVE-2022-24407",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-24407"
},
{
"cve": "CVE-2022-24675",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-24675"
},
{
"cve": "CVE-2022-24713",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-24713"
},
{
"cve": "CVE-2022-24801",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-24801"
},
{
"cve": "CVE-2022-25235",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-25235"
},
{
"cve": "CVE-2022-25236",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-25236"
},
{
"cve": "CVE-2022-25313",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-25313"
},
{
"cve": "CVE-2022-25314",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-25314"
},
{
"cve": "CVE-2022-25315",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-25315"
},
{
"cve": "CVE-2022-25762",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-25762"
},
{
"cve": "CVE-2022-26381",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-26381"
},
{
"cve": "CVE-2022-26383",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-26383"
},
{
"cve": "CVE-2022-26384",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-26384"
},
{
"cve": "CVE-2022-26386",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-26386"
},
{
"cve": "CVE-2022-26387",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-26387"
},
{
"cve": "CVE-2022-26485",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-26485"
},
{
"cve": "CVE-2022-26486",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-26486"
},
{
"cve": "CVE-2022-28281",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-28281"
},
{
"cve": "CVE-2022-28282",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-28282"
},
{
"cve": "CVE-2022-28285",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-28285"
},
{
"cve": "CVE-2022-28286",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-28286"
},
{
"cve": "CVE-2022-28289",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-28289"
},
{
"cve": "CVE-2022-28327",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-28327"
},
{
"cve": "CVE-2022-28346",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-28346"
},
{
"cve": "CVE-2022-28347",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-28347"
},
{
"cve": "CVE-2022-29824",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-29824"
},
{
"cve": "CVE-2022-29909",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-29909"
},
{
"cve": "CVE-2022-29911",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-29911"
},
{
"cve": "CVE-2022-29912",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-29912"
},
{
"cve": "CVE-2022-29913",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-29913"
},
{
"cve": "CVE-2022-29914",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-29914"
},
{
"cve": "CVE-2022-29916",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-29916"
},
{
"cve": "CVE-2022-29917",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-29917"
},
{
"cve": "CVE-2022-31736",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-31736"
},
{
"cve": "CVE-2022-31737",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-31737"
},
{
"cve": "CVE-2022-31738",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-31738"
},
{
"cve": "CVE-2022-31739",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-31739"
},
{
"cve": "CVE-2022-3174",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-3174"
},
{
"cve": "CVE-2022-31740",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-31740"
},
{
"cve": "CVE-2022-31741",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-31741"
},
{
"cve": "CVE-2022-31742",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-31742"
},
{
"cve": "CVE-2022-31747",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-31747"
},
{
"cve": "CVE-2022-4187",
"notes": [
{
"category": "description",
"text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00Z",
"title": "CVE-2022-4187"
}
]
}
wid-sec-w-2022-0941
Vulnerability from csaf_certbund
Published
2021-08-09 22:00
Modified
2024-05-21 22:00
Summary
Red Hat OpenShift: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um die Integrität und die Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um die Integrit\u00e4t und die Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0941 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-0941.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0941 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0941"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3759 vom 2021-10-18",
"url": "https://access.redhat.com/errata/RHSA-2021:3759"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3820 vom 2021-10-19",
"url": "https://access.redhat.com/errata/RHSA-2021:3820"
},
{
"category": "external",
"summary": "RedHat Security Advisory RHSA-2021:2984 vom 2021-08-09",
"url": "https://access.redhat.com/errata/RHSA-2021:2984"
},
{
"category": "external",
"summary": "RedHat Security Advisory RHSA-2021:2983 vom 2021-08-10",
"url": "https://access.redhat.com/errata/RHSA-2021:2983"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:4156 vom 2021-11-10",
"url": "https://access.redhat.com/errata/RHSA-2021:4156"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:4226 vom 2021-11-09",
"url": "https://access.redhat.com/errata/RHSA-2021:4226"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3009 vom 2021-08-12",
"url": "https://access.redhat.com/errata/RHSA-2021:3009"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3146 vom 2021-08-12",
"url": "https://access.redhat.com/errata/RHSA-2021:3146"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3229 vom 2021-08-20",
"url": "https://access.redhat.com/errata/RHSA-2021:3229"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3361 vom 2021-08-31",
"url": "https://access.redhat.com/errata/RHSA-2021:3361"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3248 vom 2021-08-31",
"url": "https://access.redhat.com/errata/RHSA-2021:3248"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3431 vom 2021-09-07",
"url": "https://access.redhat.com/errata/RHSA-2021:3431"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3454 vom 2021-09-08",
"url": "https://access.redhat.com/errata/RHSA-2021:3454"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3487 vom 2021-09-15",
"url": "https://access.redhat.com/errata/RHSA-2021:3487"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3556 vom 2021-09-17",
"url": "https://access.redhat.com/errata/RHSA-2021:3556"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3555 vom 2021-09-16",
"url": "https://access.redhat.com/errata/RHSA-2021:3555"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3598 vom 2021-09-21",
"url": "https://access.redhat.com/errata/RHSA-2021:3598"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3585 vom 2021-09-21",
"url": "https://access.redhat.com/errata/RHSA-2021:3585"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-3585 vom 2021-09-22",
"url": "http://linux.oracle.com/errata/ELSA-2021-3585.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:4104 vom 2021-11-02",
"url": "https://access.redhat.com/errata/RHSA-2021:4104"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:4725 vom 2021-11-17",
"url": "https://access.redhat.com/errata/RHSA-2021:4725"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:4722 vom 2021-11-17",
"url": "https://access.redhat.com/errata/RHSA-2021:4722"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:4902 vom 2021-12-01",
"url": "https://access.redhat.com/errata/RHSA-2021:4902"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:4914 vom 2021-12-02",
"url": "https://access.redhat.com/errata/RHSA-2021:4914"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:4910 vom 2021-12-02",
"url": "https://access.redhat.com/errata/RHSA-2021:4910"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:5072 vom 2021-12-10",
"url": "https://access.redhat.com/errata/RHSA-2021:5072"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:5086 vom 2021-12-13",
"url": "https://access.redhat.com/errata/RHSA-2021:5086"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:5085 vom 2021-12-13",
"url": "https://access.redhat.com/errata/RHSA-2021:5085"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0191 vom 2022-01-20",
"url": "https://access.redhat.com/errata/RHSA-2022:0191"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0237 vom 2022-01-24",
"url": "https://access.redhat.com/errata/RHSA-2022:0237"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0260 vom 2022-01-25",
"url": "https://access.redhat.com/errata/RHSA-2022:0260"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0318 vom 2022-01-27",
"url": "https://access.redhat.com/errata/RHSA-2022:0318"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0432 vom 2022-02-03",
"url": "https://access.redhat.com/errata/RHSA-2022:0432"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0431 vom 2022-02-03",
"url": "https://access.redhat.com/errata/RHSA-2022:0431"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0434 vom 2022-02-04",
"url": "https://access.redhat.com/errata/RHSA-2022:0434"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0557 vom 2022-02-23",
"url": "https://access.redhat.com/errata/RHSA-2022:0557"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0561 vom 2022-02-23",
"url": "https://access.redhat.com/errata/RHSA-2022:0561"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0947 vom 2022-03-16",
"url": "https://access.redhat.com/errata/RHSA-2022:0947"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0997 vom 2022-03-24",
"url": "https://access.redhat.com/errata/RHSA-2022:0997"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0998 vom 2022-03-24",
"url": "https://access.redhat.com/errata/RHSA-2022:0998"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0989 vom 2022-03-24",
"url": "https://access.redhat.com/errata/RHSA-2022:0989"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0988 vom 2022-03-24",
"url": "https://access.redhat.com/errata/RHSA-2022:0988"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0577 vom 2022-03-28",
"url": "https://access.redhat.com/errata/RHSA-2022:0577"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1276 vom 2022-04-08",
"url": "https://access.redhat.com/errata/RHSA-2022:1276"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1329 vom 2022-04-12",
"url": "https://access.redhat.com/errata/RHSA-2022:1329"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1372 vom 2022-04-14",
"url": "https://access.redhat.com/errata/RHSA-2022:1372"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1402 vom 2022-04-19",
"url": "https://access.redhat.com/errata/RHSA-2022:1402"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2022-1830 vom 2022-08-08",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1830.html"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202208-02 vom 2022-08-09",
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7954 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:7954"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7955 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:7955"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8008 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:8008"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-7955 vom 2022-11-22",
"url": "https://linux.oracle.com/errata/ELSA-2022-7955.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2586 vom 2024-04-30",
"url": "https://access.redhat.com/errata/RHSA-2024:2586"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2988 vom 2024-05-22",
"url": "https://access.redhat.com/errata/RHSA-2024:2988"
}
],
"source_lang": "en-US",
"title": "Red Hat OpenShift: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-05-21T22:00:00.000+00:00",
"generator": {
"date": "2024-05-22T09:10:52.845+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2022-0941",
"initial_release_date": "2021-08-09T22:00:00.000+00:00",
"revision_history": [
{
"date": "2021-08-09T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2021-08-10T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-08-11T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-08-19T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-08-30T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-08-31T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-09-06T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-09-07T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-09-14T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-09-16T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-09-20T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-09-22T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2021-10-18T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-10-19T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-11-02T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-11-09T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-11-17T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-12-01T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-12-02T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-12-09T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-12-13T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-01-19T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-01-24T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-01-25T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-01-27T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-02-03T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-02-23T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-03-16T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-03-23T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-03-24T23:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-03-28T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-04-07T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-04-12T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-04-13T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-04-19T22:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-08-08T22:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-08-09T22:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2022-11-15T23:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-23T23:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-05-01T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-05-21T22:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "41"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.8.4",
"product": {
"name": "Red Hat OpenShift \u003c4.8.4",
"product_id": "T020080",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.8.4"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen in der Komponente \"Golang\". Diese Schwachstellen sind auf Fehler bei der Eingabevalidierung zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit und die Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914"
]
},
"release_date": "2021-08-09T22:00:00Z",
"title": "CVE-2021-29923"
},
{
"cve": "CVE-2021-33195",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen in der Komponente \"Golang\". Diese Schwachstellen sind auf Fehler bei der Eingabevalidierung zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit und die Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914"
]
},
"release_date": "2021-08-09T22:00:00Z",
"title": "CVE-2021-33195"
},
{
"cve": "CVE-2021-33197",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen in der Komponente \"Golang\". Diese Schwachstellen sind auf Fehler bei der Eingabevalidierung zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit und die Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914"
]
},
"release_date": "2021-08-09T22:00:00Z",
"title": "CVE-2021-33197"
},
{
"cve": "CVE-2021-33198",
"notes": [
{
"category": "description",
"text": "In Red Hat OpenShift existieren mehrere Schwachstellen in der Komponente \"Golang\". Diese Schwachstellen sind auf Fehler bei der Eingabevalidierung zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit und die Integrit\u00e4t zu gef\u00e4hrden."
}
],
"product_status": {
"known_affected": [
"67646",
"398363",
"T012167",
"T004914"
]
},
"release_date": "2021-08-09T22:00:00Z",
"title": "CVE-2021-33198"
}
]
}
wid-sec-w-2023-2229
Vulnerability from csaf_certbund
Published
2023-08-30 22:00
Modified
2024-05-28 22:00
Summary
Splunk Splunk Enterprise: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Splunk Enterprise ermöglicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.
Angriff
Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise ausnutzen, um beliebigen Code auszuführen, einen 'Denial of Service'-Zustand zu verursachen, seine Privilegien zu erweitern und weitere, nicht spezifizierte Auswirkungen zu verursachen.
Betroffene Betriebssysteme
- Linux
- MacOS X
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Splunk Enterprise erm\u00f6glicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen, seine Privilegien zu erweitern und weitere, nicht spezifizierte Auswirkungen zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2229 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2229.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2229 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2229"
},
{
"category": "external",
"summary": "Splunk Security Advisory vom 2023-08-30",
"url": "https://advisory.splunk.com//advisories/SVD-2023-0801"
},
{
"category": "external",
"summary": "Splunk Security Advisory vom 2023-08-30",
"url": "https://advisory.splunk.com//advisories/SVD-2023-0802"
},
{
"category": "external",
"summary": "Splunk Security Advisory vom 2023-08-30",
"url": "https://advisory.splunk.com//advisories/SVD-2023-0803"
},
{
"category": "external",
"summary": "Splunk Security Advisory vom 2023-08-30",
"url": "https://advisory.splunk.com//advisories/SVD-2023-0804"
},
{
"category": "external",
"summary": "Splunk Security Advisory vom 2023-08-30",
"url": "https://advisory.splunk.com//advisories/SVD-2023-0805"
},
{
"category": "external",
"summary": "Splunk Security Advisory vom 2023-08-30",
"url": "https://advisory.splunk.com//advisories/SVD-2023-0806"
},
{
"category": "external",
"summary": "Splunk Security Advisory vom 2023-08-30",
"url": "https://advisory.splunk.com//advisories/SVD-2023-0807"
},
{
"category": "external",
"summary": "Splunk Security Advisory vom 2023-08-30",
"url": "https://advisory.splunk.com//advisories/SVD-2023-0808"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0196-1 vom 2024-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017743.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-2988 vom 2024-05-28",
"url": "https://linux.oracle.com/errata/ELSA-2024-2988.html"
}
],
"source_lang": "en-US",
"title": "Splunk Splunk Enterprise: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-05-28T22:00:00.000+00:00",
"generator": {
"date": "2024-05-29T08:07:49.870+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2023-2229",
"initial_release_date": "2023-08-30T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-08-30T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-01-23T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-28T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Oracle Linux aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.1.1",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.1.1",
"product_id": "T029634",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.1.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.0.6",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.0.6",
"product_id": "T029635",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.0.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.2.12",
"product": {
"name": "Splunk Splunk Enterprise \u003c8.2.12",
"product_id": "T029636",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:8.2.12"
}
}
}
],
"category": "product_name",
"name": "Splunk Enterprise"
}
],
"category": "vendor",
"name": "Splunk"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-7489",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2013-7489"
},
{
"cve": "CVE-2018-10237",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2018-10237"
},
{
"cve": "CVE-2018-20225",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2018-20225"
},
{
"cve": "CVE-2019-20454",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2019-20454"
},
{
"cve": "CVE-2019-20838",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2019-20838"
},
{
"cve": "CVE-2020-14155",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2020-14155"
},
{
"cve": "CVE-2020-28469",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2020-28469"
},
{
"cve": "CVE-2020-28851",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2020-28851"
},
{
"cve": "CVE-2020-29652",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2020-29652"
},
{
"cve": "CVE-2020-8169",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2020-8169"
},
{
"cve": "CVE-2020-8177",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2020-8177"
},
{
"cve": "CVE-2020-8231",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2020-8231"
},
{
"cve": "CVE-2020-8284",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2020-8284"
},
{
"cve": "CVE-2020-8285",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2020-8285"
},
{
"cve": "CVE-2020-8286",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2020-8286"
},
{
"cve": "CVE-2020-8908",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2020-8908"
},
{
"cve": "CVE-2021-20066",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-20066"
},
{
"cve": "CVE-2021-22569",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-22569"
},
{
"cve": "CVE-2021-22876",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-22876"
},
{
"cve": "CVE-2021-22890",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-22890"
},
{
"cve": "CVE-2021-22897",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-22897"
},
{
"cve": "CVE-2021-22898",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-22898"
},
{
"cve": "CVE-2021-22901",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-22901"
},
{
"cve": "CVE-2021-22922",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-22922"
},
{
"cve": "CVE-2021-22923",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-22923"
},
{
"cve": "CVE-2021-22924",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-22924"
},
{
"cve": "CVE-2021-22925",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-22925"
},
{
"cve": "CVE-2021-22926",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-22926"
},
{
"cve": "CVE-2021-22945",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-22945"
},
{
"cve": "CVE-2021-22946",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-22946"
},
{
"cve": "CVE-2021-22947",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-22947"
},
{
"cve": "CVE-2021-23343",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-23343"
},
{
"cve": "CVE-2021-23382",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-23382"
},
{
"cve": "CVE-2021-27918",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-27918"
},
{
"cve": "CVE-2021-27919",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-27919"
},
{
"cve": "CVE-2021-29060",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-29060"
},
{
"cve": "CVE-2021-29425",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-29425"
},
{
"cve": "CVE-2021-29923",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-29923"
},
{
"cve": "CVE-2021-31525",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-31525"
},
{
"cve": "CVE-2021-31566",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-31566"
},
{
"cve": "CVE-2021-33194",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-33194"
},
{
"cve": "CVE-2021-33195",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-33195"
},
{
"cve": "CVE-2021-33196",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-33196"
},
{
"cve": "CVE-2021-33197",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-33197"
},
{
"cve": "CVE-2021-33198",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-33198"
},
{
"cve": "CVE-2021-34558",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-34558"
},
{
"cve": "CVE-2021-3520",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-3520"
},
{
"cve": "CVE-2021-3572",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-3572"
},
{
"cve": "CVE-2021-36221",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-36221"
},
{
"cve": "CVE-2021-36976",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-36976"
},
{
"cve": "CVE-2021-3803",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-3803"
},
{
"cve": "CVE-2021-38297",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-38297"
},
{
"cve": "CVE-2021-38561",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-38561"
},
{
"cve": "CVE-2021-39293",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-39293"
},
{
"cve": "CVE-2021-41182",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-41182"
},
{
"cve": "CVE-2021-41183",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-41183"
},
{
"cve": "CVE-2021-41184",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-41184"
},
{
"cve": "CVE-2021-41771",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-41771"
},
{
"cve": "CVE-2021-41772",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-41772"
},
{
"cve": "CVE-2021-43565",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-43565"
},
{
"cve": "CVE-2021-44716",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-44716"
},
{
"cve": "CVE-2021-44717",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2021-44717"
},
{
"cve": "CVE-2022-1705",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-1705"
},
{
"cve": "CVE-2022-1941",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-1941"
},
{
"cve": "CVE-2022-1962",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-1962"
},
{
"cve": "CVE-2022-22576",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-22576"
},
{
"cve": "CVE-2022-2309",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-2309"
},
{
"cve": "CVE-2022-23491",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-23491"
},
{
"cve": "CVE-2022-23772",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-23772"
},
{
"cve": "CVE-2022-23773",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-23773"
},
{
"cve": "CVE-2022-23806",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-23806"
},
{
"cve": "CVE-2022-24675",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-24675"
},
{
"cve": "CVE-2022-24921",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-24921"
},
{
"cve": "CVE-2022-24999",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-24999"
},
{
"cve": "CVE-2022-25881",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-25881"
},
{
"cve": "CVE-2022-27191",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-27191"
},
{
"cve": "CVE-2022-27536",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-27536"
},
{
"cve": "CVE-2022-27664",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-27664"
},
{
"cve": "CVE-2022-27774",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-27774"
},
{
"cve": "CVE-2022-27775",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-27775"
},
{
"cve": "CVE-2022-27776",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-27776"
},
{
"cve": "CVE-2022-27778",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-27778"
},
{
"cve": "CVE-2022-27779",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-27779"
},
{
"cve": "CVE-2022-27780",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-27780"
},
{
"cve": "CVE-2022-27781",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-27781"
},
{
"cve": "CVE-2022-27782",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-27782"
},
{
"cve": "CVE-2022-28131",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-28131"
},
{
"cve": "CVE-2022-28327",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-28327"
},
{
"cve": "CVE-2022-2879",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-2879"
},
{
"cve": "CVE-2022-2880",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-2880"
},
{
"cve": "CVE-2022-29526",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-29526"
},
{
"cve": "CVE-2022-29804",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-29804"
},
{
"cve": "CVE-2022-30115",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-30115"
},
{
"cve": "CVE-2022-30580",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-30580"
},
{
"cve": "CVE-2022-30629",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-30629"
},
{
"cve": "CVE-2022-30630",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-30630"
},
{
"cve": "CVE-2022-30631",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-30631"
},
{
"cve": "CVE-2022-30632",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-30632"
},
{
"cve": "CVE-2022-30633",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-30633"
},
{
"cve": "CVE-2022-30634",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-30634"
},
{
"cve": "CVE-2022-30635",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-30635"
},
{
"cve": "CVE-2022-31129",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-31129"
},
{
"cve": "CVE-2022-3171",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-3171"
},
{
"cve": "CVE-2022-32148",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-32148"
},
{
"cve": "CVE-2022-32149",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-32149"
},
{
"cve": "CVE-2022-32189",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-32189"
},
{
"cve": "CVE-2022-32205",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-32205"
},
{
"cve": "CVE-2022-32206",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-32206"
},
{
"cve": "CVE-2022-32207",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-32207"
},
{
"cve": "CVE-2022-32208",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-32208"
},
{
"cve": "CVE-2022-32221",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-32221"
},
{
"cve": "CVE-2022-33987",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-33987"
},
{
"cve": "CVE-2022-3509",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-3509"
},
{
"cve": "CVE-2022-3510",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-3510"
},
{
"cve": "CVE-2022-3517",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-3517"
},
{
"cve": "CVE-2022-35252",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-35252"
},
{
"cve": "CVE-2022-35260",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-35260"
},
{
"cve": "CVE-2022-35737",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-35737"
},
{
"cve": "CVE-2022-36227",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-36227"
},
{
"cve": "CVE-2022-37599",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-37599"
},
{
"cve": "CVE-2022-37601",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-37601"
},
{
"cve": "CVE-2022-37603",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-37603"
},
{
"cve": "CVE-2022-38900",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-38900"
},
{
"cve": "CVE-2022-40023",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-40023"
},
{
"cve": "CVE-2022-40897",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-40897"
},
{
"cve": "CVE-2022-40899",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-40899"
},
{
"cve": "CVE-2022-41715",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-41715"
},
{
"cve": "CVE-2022-41716",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-41716"
},
{
"cve": "CVE-2022-41720",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-41720"
},
{
"cve": "CVE-2022-41722",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-41722"
},
{
"cve": "CVE-2022-42003",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-42003"
},
{
"cve": "CVE-2022-42004",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-42004"
},
{
"cve": "CVE-2022-42915",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-42915"
},
{
"cve": "CVE-2022-42916",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-42916"
},
{
"cve": "CVE-2022-43551",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-43551"
},
{
"cve": "CVE-2022-43552",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-43552"
},
{
"cve": "CVE-2022-46175",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2022-46175"
},
{
"cve": "CVE-2023-23914",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-23914"
},
{
"cve": "CVE-2023-23915",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-23915"
},
{
"cve": "CVE-2023-23916",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-23916"
},
{
"cve": "CVE-2023-24539",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-24539"
},
{
"cve": "CVE-2023-24540",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-24540"
},
{
"cve": "CVE-2023-27533",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-27533"
},
{
"cve": "CVE-2023-27534",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-27534"
},
{
"cve": "CVE-2023-27535",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-27535"
},
{
"cve": "CVE-2023-27536",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-27536"
},
{
"cve": "CVE-2023-27537",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-27537"
},
{
"cve": "CVE-2023-27538",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-27538"
},
{
"cve": "CVE-2023-29400",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-29400"
},
{
"cve": "CVE-2023-29402",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-29402"
},
{
"cve": "CVE-2023-29403",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-29403"
},
{
"cve": "CVE-2023-29404",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-29404"
},
{
"cve": "CVE-2023-29405",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-29405"
},
{
"cve": "CVE-2023-40592",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-40592"
},
{
"cve": "CVE-2023-40593",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-40593"
},
{
"cve": "CVE-2023-40594",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-40594"
},
{
"cve": "CVE-2023-40595",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-40595"
},
{
"cve": "CVE-2023-40596",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-40596"
},
{
"cve": "CVE-2023-40597",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-40597"
},
{
"cve": "CVE-2023-40598",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern."
}
],
"product_status": {
"known_affected": [
"T002207",
"T004914"
]
},
"release_date": "2023-08-30T22:00:00Z",
"title": "CVE-2023-40598"
}
]
}
ghsa-38h6-vxp4-qxvm
Vulnerability from github
Published
2022-05-24 19:10
Modified
2022-05-24 19:10
Severity
Details
Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.
{
"affected": [],
"aliases": [
"CVE-2021-29923"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-07T17:15:00Z",
"severity": "HIGH"
},
"details": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.",
"id": "GHSA-38h6-vxp4-qxvm",
"modified": "2022-05-24T19:10:21Z",
"published": "2022-05-24T19:10:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"type": "WEB",
"url": "https://github.com/golang/go/issues/30999"
},
{
"type": "WEB",
"url": "https://github.com/golang/go/issues/43389"
},
{
"type": "WEB",
"url": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis"
},
{
"type": "WEB",
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md"
},
{
"type": "WEB",
"url": "https://go-review.googlesource.com/c/go/+/325829"
},
{
"type": "WEB",
"url": "https://golang.org/pkg/net/#ParseCIDR"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
Loading...