Action not permitted
Modal body text goes here.
cve-2021-33194
Vulnerability from cvelistv5
Published
2021-05-26 14:49
Modified
2024-08-03 23:42
Severity
Summary
golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T23:42:20.297Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7" }, { "name": "FEDORA-2022-17d004ed71", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-26T18:06:13", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7" }, { "name": "FEDORA-2022-17d004ed71", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-33194", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", "refsource": "CONFIRM", "url": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg" }, { "name": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", "refsource": "MISC", "url": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7" }, { "name": "FEDORA-2022-17d004ed71", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-33194", "datePublished": "2021-05-26T14:49:46", "dateReserved": "2021-05-19T00:00:00", "dateUpdated": "2024-08-03T23:42:20.297Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2021-33194\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-05-26T15:15:08.217\",\"lastModified\":\"2023-11-07T03:35:49.147\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.\"},{\"lang\":\"es\",\"value\":\"golang.org/x/net antes de v0.0.0-20210520170846-37e1c6afe023 permite a los atacantes provocar una denegaci\u00f3n de servicio (bucle infinito) a trav\u00e9s de una entrada ParseFragment manipulada\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-835\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.15.12\",\"matchCriteriaId\":\"17BEA7D1-9189-4A8D-AF67-807332ECC57A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.16.0\",\"versionEndIncluding\":\"1.16.4\",\"matchCriteriaId\":\"B885E59F-8343-4978-B580-707971E75689\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]}],\"references\":[{\"url\":\"https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/wPunbCPkWUg\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/\",\"source\":\"cve@mitre.org\"}]}}" } }
rhsa-2021_4627
Vulnerability from csaf_redhat
Published
2021-11-15 12:56
Modified
2024-09-18 04:20
Summary
Red Hat Security Advisory: Openshift Logging 5.3.0 bug fix and security update
Notes
Topic
An update is now available for OpenShift Logging 5.3.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Openshift Logging Bug Fix Release (5.3.0)
Security Fix(es):
* golang: x/net/html: infinite loop in ParseFragment (CVE-2021-33194)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for OpenShift Logging 5.3.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Openshift Logging Bug Fix Release (5.3.0)\n\nSecurity Fix(es):\n\n* golang: x/net/html: infinite loop in ParseFragment (CVE-2021-33194)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:4627", "url": "https://access.redhat.com/errata/RHSA-2021:4627" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1963232", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963232" }, { "category": "external", "summary": "LOG-1168", "url": "https://issues.redhat.com/browse/LOG-1168" }, { "category": "external", "summary": "LOG-1235", "url": "https://issues.redhat.com/browse/LOG-1235" }, { "category": "external", "summary": "LOG-1375", "url": "https://issues.redhat.com/browse/LOG-1375" }, { "category": "external", "summary": "LOG-1378", "url": "https://issues.redhat.com/browse/LOG-1378" }, { "category": "external", "summary": "LOG-1392", "url": "https://issues.redhat.com/browse/LOG-1392" }, { "category": "external", "summary": "LOG-1494", "url": "https://issues.redhat.com/browse/LOG-1494" }, { "category": "external", "summary": "LOG-1555", "url": "https://issues.redhat.com/browse/LOG-1555" }, { "category": "external", "summary": "LOG-1575", "url": "https://issues.redhat.com/browse/LOG-1575" }, { "category": "external", "summary": "LOG-1735", "url": "https://issues.redhat.com/browse/LOG-1735" }, { "category": "external", "summary": "LOG-1774", "url": "https://issues.redhat.com/browse/LOG-1774" }, { "category": "external", "summary": "LOG-1776", "url": "https://issues.redhat.com/browse/LOG-1776" }, { "category": "external", "summary": "LOG-1822", "url": "https://issues.redhat.com/browse/LOG-1822" }, { "category": "external", "summary": "LOG-1859", "url": "https://issues.redhat.com/browse/LOG-1859" }, { "category": "external", "summary": "LOG-1862", "url": "https://issues.redhat.com/browse/LOG-1862" }, { "category": "external", "summary": "LOG-1903", "url": "https://issues.redhat.com/browse/LOG-1903" }, { "category": "external", "summary": "LOG-1911", "url": "https://issues.redhat.com/browse/LOG-1911" }, { "category": "external", "summary": "LOG-1918", "url": "https://issues.redhat.com/browse/LOG-1918" }, { "category": "external", "summary": "LOG-1939", "url": "https://issues.redhat.com/browse/LOG-1939" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_4627.json" } ], "title": "Red Hat Security Advisory: Openshift Logging 5.3.0 bug fix and security update", "tracking": { "current_release_date": "2024-09-18T04:20:53+00:00", "generator": { "date": "2024-09-18T04:20:53+00:00", "engine": { "name": "Red Hat SDEngine", "version": "3.33.3" } }, "id": "RHSA-2021:4627", "initial_release_date": "2021-11-15T12:56:17+00:00", "revision_history": [ { "date": "2021-11-15T12:56:17+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-11-15T12:56:17+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-09-18T04:20:53+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "OpenShift Logging 5.3", "product": { "name": "OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:logging:5.3::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:90374d9017fad93df9799888f4f5c8af7d6dbefec5a3e8079557ae17be19030d_s390x", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:90374d9017fad93df9799888f4f5c8af7d6dbefec5a3e8079557ae17be19030d_s390x", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:90374d9017fad93df9799888f4f5c8af7d6dbefec5a3e8079557ae17be19030d_s390x", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:90374d9017fad93df9799888f4f5c8af7d6dbefec5a3e8079557ae17be19030d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.0-33" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:6d6ba1903a08f13b718ac33114fa064b8c91e3c995fce3fcb6ea8ac31ef96281_s390x", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:6d6ba1903a08f13b718ac33114fa064b8c91e3c995fce3fcb6ea8ac31ef96281_s390x", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:6d6ba1903a08f13b718ac33114fa064b8c91e3c995fce3fcb6ea8ac31ef96281_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:6d6ba1903a08f13b718ac33114fa064b8c91e3c995fce3fcb6ea8ac31ef96281?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.0-19" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:3a0730bd7bebc53b00899c52851c2f8b7b8b69580077d78d5082724fc75cb5c0_s390x", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:3a0730bd7bebc53b00899c52851c2f8b7b8b69580077d78d5082724fc75cb5c0_s390x", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:3a0730bd7bebc53b00899c52851c2f8b7b8b69580077d78d5082724fc75cb5c0_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:3a0730bd7bebc53b00899c52851c2f8b7b8b69580077d78d5082724fc75cb5c0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-44" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4ec0788137371540c19b31f950a52bc545b2614e785fea4256046cd10bab40d9_s390x", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4ec0788137371540c19b31f950a52bc545b2614e785fea4256046cd10bab40d9_s390x", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4ec0788137371540c19b31f950a52bc545b2614e785fea4256046cd10bab40d9_s390x", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:4ec0788137371540c19b31f950a52bc545b2614e785fea4256046cd10bab40d9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-29" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:0ec53f8efce670aacf0ce3d604a77d5b37860974f414c3f9f76b8d6d3259ae66_s390x", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:0ec53f8efce670aacf0ce3d604a77d5b37860974f414c3f9f76b8d6d3259ae66_s390x", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:0ec53f8efce670aacf0ce3d604a77d5b37860974f414c3f9f76b8d6d3259ae66_s390x", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:0ec53f8efce670aacf0ce3d604a77d5b37860974f414c3f9f76b8d6d3259ae66?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-29" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:0bee91bd941738259926aff0b487f0c0de84014c3e1140d2e4d65fe190214fe1_s390x", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:0bee91bd941738259926aff0b487f0c0de84014c3e1140d2e4d65fe190214fe1_s390x", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:0bee91bd941738259926aff0b487f0c0de84014c3e1140d2e4d65fe190214fe1_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:0bee91bd941738259926aff0b487f0c0de84014c3e1140d2e4d65fe190214fe1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-42" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:539112fe034588cd25757bddcc44508ba69bb65a305cd16e56e640b91a4b2d2f_s390x", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:539112fe034588cd25757bddcc44508ba69bb65a305cd16e56e640b91a4b2d2f_s390x", "product_id": "openshift-logging/eventrouter-rhel8@sha256:539112fe034588cd25757bddcc44508ba69bb65a305cd16e56e640b91a4b2d2f_s390x", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:539112fe034588cd25757bddcc44508ba69bb65a305cd16e56e640b91a4b2d2f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-42" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:5103d73962109f640c01218728cfabb48e7e9c77446ca571a0a0a887741afab4_s390x", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:5103d73962109f640c01218728cfabb48e7e9c77446ca571a0a0a887741afab4_s390x", "product_id": "openshift-logging/fluentd-rhel8@sha256:5103d73962109f640c01218728cfabb48e7e9c77446ca571a0a0a887741afab4_s390x", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:5103d73962109f640c01218728cfabb48e7e9c77446ca571a0a0a887741afab4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-42" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:d6eb862cdc8332aed78bb0e876c1fce7815d41c31519e2ec8e3348307cf87ef4_s390x", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:d6eb862cdc8332aed78bb0e876c1fce7815d41c31519e2ec8e3348307cf87ef4_s390x", "product_id": "openshift-logging/kibana6-rhel8@sha256:d6eb862cdc8332aed78bb0e876c1fce7815d41c31519e2ec8e3348307cf87ef4_s390x", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:d6eb862cdc8332aed78bb0e876c1fce7815d41c31519e2ec8e3348307cf87ef4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-49" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6cfbd36d094fa24981d5687c46bcbedfab69c8d20628565189eedbb4724ee225_ppc64le", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6cfbd36d094fa24981d5687c46bcbedfab69c8d20628565189eedbb4724ee225_ppc64le", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:6cfbd36d094fa24981d5687c46bcbedfab69c8d20628565189eedbb4724ee225_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:6cfbd36d094fa24981d5687c46bcbedfab69c8d20628565189eedbb4724ee225?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.0-33" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:6149e72c8c94910c8ad438e477186caf0b85730ffbf6c3f5277027d963804e50_ppc64le", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:6149e72c8c94910c8ad438e477186caf0b85730ffbf6c3f5277027d963804e50_ppc64le", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:6149e72c8c94910c8ad438e477186caf0b85730ffbf6c3f5277027d963804e50_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:6149e72c8c94910c8ad438e477186caf0b85730ffbf6c3f5277027d963804e50?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.0-19" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:9808a759742d9a992f995e48378f7d609775daee260a49c89a5f04abefbf0eef_ppc64le", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:9808a759742d9a992f995e48378f7d609775daee260a49c89a5f04abefbf0eef_ppc64le", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:9808a759742d9a992f995e48378f7d609775daee260a49c89a5f04abefbf0eef_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:9808a759742d9a992f995e48378f7d609775daee260a49c89a5f04abefbf0eef?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-44" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9b1b143b2be3e1b7d82293cf18d3c0f1eef39f9e3c6cbedf3a1b250b4aab87_ppc64le", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9b1b143b2be3e1b7d82293cf18d3c0f1eef39f9e3c6cbedf3a1b250b4aab87_ppc64le", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9b1b143b2be3e1b7d82293cf18d3c0f1eef39f9e3c6cbedf3a1b250b4aab87_ppc64le", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:4a9b1b143b2be3e1b7d82293cf18d3c0f1eef39f9e3c6cbedf3a1b250b4aab87?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-29" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:8116aff94708793be9fe9d0479d6350a02f9efa7857c0261ebe4c0d8ef6d7422_ppc64le", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:8116aff94708793be9fe9d0479d6350a02f9efa7857c0261ebe4c0d8ef6d7422_ppc64le", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:8116aff94708793be9fe9d0479d6350a02f9efa7857c0261ebe4c0d8ef6d7422_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:8116aff94708793be9fe9d0479d6350a02f9efa7857c0261ebe4c0d8ef6d7422?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-29" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:4ca513e3b3253892e1d6dbc12f696ca7cbd24d9aa47ad1001f79ebd7195d5692_ppc64le", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:4ca513e3b3253892e1d6dbc12f696ca7cbd24d9aa47ad1001f79ebd7195d5692_ppc64le", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:4ca513e3b3253892e1d6dbc12f696ca7cbd24d9aa47ad1001f79ebd7195d5692_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:4ca513e3b3253892e1d6dbc12f696ca7cbd24d9aa47ad1001f79ebd7195d5692?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-42" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:6b7614b921943a2332f2d6e911db7c9c4c3dbb91988b849bdcb892f966e412f6_ppc64le", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:6b7614b921943a2332f2d6e911db7c9c4c3dbb91988b849bdcb892f966e412f6_ppc64le", "product_id": "openshift-logging/eventrouter-rhel8@sha256:6b7614b921943a2332f2d6e911db7c9c4c3dbb91988b849bdcb892f966e412f6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:6b7614b921943a2332f2d6e911db7c9c4c3dbb91988b849bdcb892f966e412f6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-42" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:e0e5b0904e68656912d707479cd8465f9e793dc22f24accb7ebc5b118b5268af_ppc64le", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:e0e5b0904e68656912d707479cd8465f9e793dc22f24accb7ebc5b118b5268af_ppc64le", "product_id": "openshift-logging/fluentd-rhel8@sha256:e0e5b0904e68656912d707479cd8465f9e793dc22f24accb7ebc5b118b5268af_ppc64le", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:e0e5b0904e68656912d707479cd8465f9e793dc22f24accb7ebc5b118b5268af?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-42" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:90e95b67ad19c9725e6c48da5d3e0f8133d7d0a314d26d10f938dc1c57f665b6_ppc64le", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:90e95b67ad19c9725e6c48da5d3e0f8133d7d0a314d26d10f938dc1c57f665b6_ppc64le", "product_id": "openshift-logging/kibana6-rhel8@sha256:90e95b67ad19c9725e6c48da5d3e0f8133d7d0a314d26d10f938dc1c57f665b6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:90e95b67ad19c9725e6c48da5d3e0f8133d7d0a314d26d10f938dc1c57f665b6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-49" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:52b446198cabebb843d3389f5ac7c445dc244d104464dd604371436595341851_amd64", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:52b446198cabebb843d3389f5ac7c445dc244d104464dd604371436595341851_amd64", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:52b446198cabebb843d3389f5ac7c445dc244d104464dd604371436595341851_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:52b446198cabebb843d3389f5ac7c445dc244d104464dd604371436595341851?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.0-33" } } }, { "category": "product_version", "name": "openshift-logging/cluster-logging-operator-bundle@sha256:182074b0f7fc3f53e5058002053840b4abda552b1640db89035c333f6a3fc7e5_amd64", "product": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:182074b0f7fc3f53e5058002053840b4abda552b1640db89035c333f6a3fc7e5_amd64", "product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:182074b0f7fc3f53e5058002053840b4abda552b1640db89035c333f6a3fc7e5_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-operator-bundle@sha256:182074b0f7fc3f53e5058002053840b4abda552b1640db89035c333f6a3fc7e5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.3.0-55" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ca5e6be59e43f3786c77531d593b44004888568ffb03d01e524349015e53e624_amd64", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ca5e6be59e43f3786c77531d593b44004888568ffb03d01e524349015e53e624_amd64", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:ca5e6be59e43f3786c77531d593b44004888568ffb03d01e524349015e53e624_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:ca5e6be59e43f3786c77531d593b44004888568ffb03d01e524349015e53e624?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.0-19" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-operator-bundle@sha256:2caddd7da03ee120f6716445ef849faa57757826d74143b12bb953290fef0933_amd64", "product": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:2caddd7da03ee120f6716445ef849faa57757826d74143b12bb953290fef0933_amd64", "product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:2caddd7da03ee120f6716445ef849faa57757826d74143b12bb953290fef0933_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-operator-bundle@sha256:2caddd7da03ee120f6716445ef849faa57757826d74143b12bb953290fef0933?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.3.0-67" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e0733842d440d5a6c7e57bc0f70c743e545d796bc1756cea48e1a24037f07b49_amd64", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e0733842d440d5a6c7e57bc0f70c743e545d796bc1756cea48e1a24037f07b49_amd64", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e0733842d440d5a6c7e57bc0f70c743e545d796bc1756cea48e1a24037f07b49_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:e0733842d440d5a6c7e57bc0f70c743e545d796bc1756cea48e1a24037f07b49?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-44" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:71003965d73d308a80ca3c3b23906bde0613de3840233eb55826a1ccfa683c8a_amd64", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:71003965d73d308a80ca3c3b23906bde0613de3840233eb55826a1ccfa683c8a_amd64", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:71003965d73d308a80ca3c3b23906bde0613de3840233eb55826a1ccfa683c8a_amd64", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:71003965d73d308a80ca3c3b23906bde0613de3840233eb55826a1ccfa683c8a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-29" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:1597687c75b7c671e1043124c2c5b483139de7eff388553545f19cfb593b1a3a_amd64", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:1597687c75b7c671e1043124c2c5b483139de7eff388553545f19cfb593b1a3a_amd64", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:1597687c75b7c671e1043124c2c5b483139de7eff388553545f19cfb593b1a3a_amd64", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:1597687c75b7c671e1043124c2c5b483139de7eff388553545f19cfb593b1a3a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-29" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:012aa4f6f263d64150b50a8ee2031032c4fbab3e6e8d7d17216259fa74e97ec5_amd64", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:012aa4f6f263d64150b50a8ee2031032c4fbab3e6e8d7d17216259fa74e97ec5_amd64", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:012aa4f6f263d64150b50a8ee2031032c4fbab3e6e8d7d17216259fa74e97ec5_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:012aa4f6f263d64150b50a8ee2031032c4fbab3e6e8d7d17216259fa74e97ec5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-42" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:68ba096240d2100ac422268828041a022614f168f4756c4dc92e672e4e1a5c24_amd64", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:68ba096240d2100ac422268828041a022614f168f4756c4dc92e672e4e1a5c24_amd64", "product_id": "openshift-logging/eventrouter-rhel8@sha256:68ba096240d2100ac422268828041a022614f168f4756c4dc92e672e4e1a5c24_amd64", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:68ba096240d2100ac422268828041a022614f168f4756c4dc92e672e4e1a5c24?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-42" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:0b8a4fcb7de64ecb88c7d579d9c068438be341fd26530b725800acda04991ab3_amd64", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:0b8a4fcb7de64ecb88c7d579d9c068438be341fd26530b725800acda04991ab3_amd64", "product_id": "openshift-logging/fluentd-rhel8@sha256:0b8a4fcb7de64ecb88c7d579d9c068438be341fd26530b725800acda04991ab3_amd64", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:0b8a4fcb7de64ecb88c7d579d9c068438be341fd26530b725800acda04991ab3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-42" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:8a1b73889617f5613538d6a04dd09d7b2e67d911d1efa897deac7ca90c7f076c_amd64", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:8a1b73889617f5613538d6a04dd09d7b2e67d911d1efa897deac7ca90c7f076c_amd64", "product_id": "openshift-logging/kibana6-rhel8@sha256:8a1b73889617f5613538d6a04dd09d7b2e67d911d1efa897deac7ca90c7f076c_amd64", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:8a1b73889617f5613538d6a04dd09d7b2e67d911d1efa897deac7ca90c7f076c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-49" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:182074b0f7fc3f53e5058002053840b4abda552b1640db89035c333f6a3fc7e5_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:182074b0f7fc3f53e5058002053840b4abda552b1640db89035c333f6a3fc7e5_amd64" }, "product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:182074b0f7fc3f53e5058002053840b4abda552b1640db89035c333f6a3fc7e5_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:52b446198cabebb843d3389f5ac7c445dc244d104464dd604371436595341851_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:52b446198cabebb843d3389f5ac7c445dc244d104464dd604371436595341851_amd64" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:52b446198cabebb843d3389f5ac7c445dc244d104464dd604371436595341851_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6cfbd36d094fa24981d5687c46bcbedfab69c8d20628565189eedbb4724ee225_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6cfbd36d094fa24981d5687c46bcbedfab69c8d20628565189eedbb4724ee225_ppc64le" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:6cfbd36d094fa24981d5687c46bcbedfab69c8d20628565189eedbb4724ee225_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:90374d9017fad93df9799888f4f5c8af7d6dbefec5a3e8079557ae17be19030d_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:90374d9017fad93df9799888f4f5c8af7d6dbefec5a3e8079557ae17be19030d_s390x" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:90374d9017fad93df9799888f4f5c8af7d6dbefec5a3e8079557ae17be19030d_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:2caddd7da03ee120f6716445ef849faa57757826d74143b12bb953290fef0933_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:2caddd7da03ee120f6716445ef849faa57757826d74143b12bb953290fef0933_amd64" }, "product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:2caddd7da03ee120f6716445ef849faa57757826d74143b12bb953290fef0933_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:3a0730bd7bebc53b00899c52851c2f8b7b8b69580077d78d5082724fc75cb5c0_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:3a0730bd7bebc53b00899c52851c2f8b7b8b69580077d78d5082724fc75cb5c0_s390x" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:3a0730bd7bebc53b00899c52851c2f8b7b8b69580077d78d5082724fc75cb5c0_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:9808a759742d9a992f995e48378f7d609775daee260a49c89a5f04abefbf0eef_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9808a759742d9a992f995e48378f7d609775daee260a49c89a5f04abefbf0eef_ppc64le" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:9808a759742d9a992f995e48378f7d609775daee260a49c89a5f04abefbf0eef_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e0733842d440d5a6c7e57bc0f70c743e545d796bc1756cea48e1a24037f07b49_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e0733842d440d5a6c7e57bc0f70c743e545d796bc1756cea48e1a24037f07b49_amd64" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e0733842d440d5a6c7e57bc0f70c743e545d796bc1756cea48e1a24037f07b49_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:6149e72c8c94910c8ad438e477186caf0b85730ffbf6c3f5277027d963804e50_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:6149e72c8c94910c8ad438e477186caf0b85730ffbf6c3f5277027d963804e50_ppc64le" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:6149e72c8c94910c8ad438e477186caf0b85730ffbf6c3f5277027d963804e50_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:6d6ba1903a08f13b718ac33114fa064b8c91e3c995fce3fcb6ea8ac31ef96281_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:6d6ba1903a08f13b718ac33114fa064b8c91e3c995fce3fcb6ea8ac31ef96281_s390x" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:6d6ba1903a08f13b718ac33114fa064b8c91e3c995fce3fcb6ea8ac31ef96281_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ca5e6be59e43f3786c77531d593b44004888568ffb03d01e524349015e53e624_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ca5e6be59e43f3786c77531d593b44004888568ffb03d01e524349015e53e624_amd64" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:ca5e6be59e43f3786c77531d593b44004888568ffb03d01e524349015e53e624_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:012aa4f6f263d64150b50a8ee2031032c4fbab3e6e8d7d17216259fa74e97ec5_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:012aa4f6f263d64150b50a8ee2031032c4fbab3e6e8d7d17216259fa74e97ec5_amd64" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:012aa4f6f263d64150b50a8ee2031032c4fbab3e6e8d7d17216259fa74e97ec5_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:0bee91bd941738259926aff0b487f0c0de84014c3e1140d2e4d65fe190214fe1_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:0bee91bd941738259926aff0b487f0c0de84014c3e1140d2e4d65fe190214fe1_s390x" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:0bee91bd941738259926aff0b487f0c0de84014c3e1140d2e4d65fe190214fe1_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:4ca513e3b3253892e1d6dbc12f696ca7cbd24d9aa47ad1001f79ebd7195d5692_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:4ca513e3b3253892e1d6dbc12f696ca7cbd24d9aa47ad1001f79ebd7195d5692_ppc64le" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:4ca513e3b3253892e1d6dbc12f696ca7cbd24d9aa47ad1001f79ebd7195d5692_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:539112fe034588cd25757bddcc44508ba69bb65a305cd16e56e640b91a4b2d2f_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:539112fe034588cd25757bddcc44508ba69bb65a305cd16e56e640b91a4b2d2f_s390x" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:539112fe034588cd25757bddcc44508ba69bb65a305cd16e56e640b91a4b2d2f_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:68ba096240d2100ac422268828041a022614f168f4756c4dc92e672e4e1a5c24_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:68ba096240d2100ac422268828041a022614f168f4756c4dc92e672e4e1a5c24_amd64" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:68ba096240d2100ac422268828041a022614f168f4756c4dc92e672e4e1a5c24_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:6b7614b921943a2332f2d6e911db7c9c4c3dbb91988b849bdcb892f966e412f6_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:6b7614b921943a2332f2d6e911db7c9c4c3dbb91988b849bdcb892f966e412f6_ppc64le" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:6b7614b921943a2332f2d6e911db7c9c4c3dbb91988b849bdcb892f966e412f6_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:0b8a4fcb7de64ecb88c7d579d9c068438be341fd26530b725800acda04991ab3_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:0b8a4fcb7de64ecb88c7d579d9c068438be341fd26530b725800acda04991ab3_amd64" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:0b8a4fcb7de64ecb88c7d579d9c068438be341fd26530b725800acda04991ab3_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:5103d73962109f640c01218728cfabb48e7e9c77446ca571a0a0a887741afab4_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:5103d73962109f640c01218728cfabb48e7e9c77446ca571a0a0a887741afab4_s390x" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:5103d73962109f640c01218728cfabb48e7e9c77446ca571a0a0a887741afab4_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:e0e5b0904e68656912d707479cd8465f9e793dc22f24accb7ebc5b118b5268af_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e0e5b0904e68656912d707479cd8465f9e793dc22f24accb7ebc5b118b5268af_ppc64le" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:e0e5b0904e68656912d707479cd8465f9e793dc22f24accb7ebc5b118b5268af_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:8a1b73889617f5613538d6a04dd09d7b2e67d911d1efa897deac7ca90c7f076c_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:8a1b73889617f5613538d6a04dd09d7b2e67d911d1efa897deac7ca90c7f076c_amd64" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:8a1b73889617f5613538d6a04dd09d7b2e67d911d1efa897deac7ca90c7f076c_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:90e95b67ad19c9725e6c48da5d3e0f8133d7d0a314d26d10f938dc1c57f665b6_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:90e95b67ad19c9725e6c48da5d3e0f8133d7d0a314d26d10f938dc1c57f665b6_ppc64le" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:90e95b67ad19c9725e6c48da5d3e0f8133d7d0a314d26d10f938dc1c57f665b6_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:d6eb862cdc8332aed78bb0e876c1fce7815d41c31519e2ec8e3348307cf87ef4_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d6eb862cdc8332aed78bb0e876c1fce7815d41c31519e2ec8e3348307cf87ef4_s390x" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:d6eb862cdc8332aed78bb0e876c1fce7815d41c31519e2ec8e3348307cf87ef4_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9b1b143b2be3e1b7d82293cf18d3c0f1eef39f9e3c6cbedf3a1b250b4aab87_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9b1b143b2be3e1b7d82293cf18d3c0f1eef39f9e3c6cbedf3a1b250b4aab87_ppc64le" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9b1b143b2be3e1b7d82293cf18d3c0f1eef39f9e3c6cbedf3a1b250b4aab87_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4ec0788137371540c19b31f950a52bc545b2614e785fea4256046cd10bab40d9_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4ec0788137371540c19b31f950a52bc545b2614e785fea4256046cd10bab40d9_s390x" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4ec0788137371540c19b31f950a52bc545b2614e785fea4256046cd10bab40d9_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:71003965d73d308a80ca3c3b23906bde0613de3840233eb55826a1ccfa683c8a_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:71003965d73d308a80ca3c3b23906bde0613de3840233eb55826a1ccfa683c8a_amd64" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:71003965d73d308a80ca3c3b23906bde0613de3840233eb55826a1ccfa683c8a_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:0ec53f8efce670aacf0ce3d604a77d5b37860974f414c3f9f76b8d6d3259ae66_s390x as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:0ec53f8efce670aacf0ce3d604a77d5b37860974f414c3f9f76b8d6d3259ae66_s390x" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:0ec53f8efce670aacf0ce3d604a77d5b37860974f414c3f9f76b8d6d3259ae66_s390x", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:1597687c75b7c671e1043124c2c5b483139de7eff388553545f19cfb593b1a3a_amd64 as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1597687c75b7c671e1043124c2c5b483139de7eff388553545f19cfb593b1a3a_amd64" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:1597687c75b7c671e1043124c2c5b483139de7eff388553545f19cfb593b1a3a_amd64", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:8116aff94708793be9fe9d0479d6350a02f9efa7857c0261ebe4c0d8ef6d7422_ppc64le as a component of OpenShift Logging 5.3", "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8116aff94708793be9fe9d0479d6350a02f9efa7857c0261ebe4c0d8ef6d7422_ppc64le" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:8116aff94708793be9fe9d0479d6350a02f9efa7857c0261ebe4c0d8ef6d7422_ppc64le", "relates_to_product_reference": "8Base-OSE-LOGGING-5.3" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-33194", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2021-05-20T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:182074b0f7fc3f53e5058002053840b4abda552b1640db89035c333f6a3fc7e5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:52b446198cabebb843d3389f5ac7c445dc244d104464dd604371436595341851_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6cfbd36d094fa24981d5687c46bcbedfab69c8d20628565189eedbb4724ee225_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:90374d9017fad93df9799888f4f5c8af7d6dbefec5a3e8079557ae17be19030d_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:2caddd7da03ee120f6716445ef849faa57757826d74143b12bb953290fef0933_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:012aa4f6f263d64150b50a8ee2031032c4fbab3e6e8d7d17216259fa74e97ec5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:0bee91bd941738259926aff0b487f0c0de84014c3e1140d2e4d65fe190214fe1_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:4ca513e3b3253892e1d6dbc12f696ca7cbd24d9aa47ad1001f79ebd7195d5692_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:539112fe034588cd25757bddcc44508ba69bb65a305cd16e56e640b91a4b2d2f_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:68ba096240d2100ac422268828041a022614f168f4756c4dc92e672e4e1a5c24_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:6b7614b921943a2332f2d6e911db7c9c4c3dbb91988b849bdcb892f966e412f6_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:0b8a4fcb7de64ecb88c7d579d9c068438be341fd26530b725800acda04991ab3_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:5103d73962109f640c01218728cfabb48e7e9c77446ca571a0a0a887741afab4_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e0e5b0904e68656912d707479cd8465f9e793dc22f24accb7ebc5b118b5268af_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:8a1b73889617f5613538d6a04dd09d7b2e67d911d1efa897deac7ca90c7f076c_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:90e95b67ad19c9725e6c48da5d3e0f8133d7d0a314d26d10f938dc1c57f665b6_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d6eb862cdc8332aed78bb0e876c1fce7815d41c31519e2ec8e3348307cf87ef4_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9b1b143b2be3e1b7d82293cf18d3c0f1eef39f9e3c6cbedf3a1b250b4aab87_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4ec0788137371540c19b31f950a52bc545b2614e785fea4256046cd10bab40d9_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:71003965d73d308a80ca3c3b23906bde0613de3840233eb55826a1ccfa683c8a_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:0ec53f8efce670aacf0ce3d604a77d5b37860974f414c3f9f76b8d6d3259ae66_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1597687c75b7c671e1043124c2c5b483139de7eff388553545f19cfb593b1a3a_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8116aff94708793be9fe9d0479d6350a02f9efa7857c0261ebe4c0d8ef6d7422_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1963232" } ], "notes": [ { "category": "description", "text": "A flaw was found in golang. An attacker can craft an input to ParseFragment within parse.go that would cause it to enter an infinite loop and never return. The greatest threat to the system is of availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: x/net/html: infinite loop in ParseFragment", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Developer Tools go-toolset-1.14-golang not affected because the vulnerable code is not shipped.\n\nThis vulnerability within golang and buildah shipped with RHEL-7 are out of support scope. For more information on Red Hat\u0027s support scope, visit: https://access.redhat.com/support/policy/updates/errata\n\nFor RHEL-8\u0027s go-toolset:rhel8/golang, container-tools:1.0/buildah, container-tools:2.0/buildah, and container-tools:rhel8/buildah, the affected function is only used in e2e tests.\n\nFor RHEL-9\u0027s golang and buildah, the affected function is only used in e2e tests.\n\nRed Hat Openshift Container Storage has dependencies with the affected code, however, low priority trackers were filed as the vulnerable code is not shipped or used.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:3a0730bd7bebc53b00899c52851c2f8b7b8b69580077d78d5082724fc75cb5c0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9808a759742d9a992f995e48378f7d609775daee260a49c89a5f04abefbf0eef_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e0733842d440d5a6c7e57bc0f70c743e545d796bc1756cea48e1a24037f07b49_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:6149e72c8c94910c8ad438e477186caf0b85730ffbf6c3f5277027d963804e50_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:6d6ba1903a08f13b718ac33114fa064b8c91e3c995fce3fcb6ea8ac31ef96281_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ca5e6be59e43f3786c77531d593b44004888568ffb03d01e524349015e53e624_amd64" ], "known_not_affected": [ "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:182074b0f7fc3f53e5058002053840b4abda552b1640db89035c333f6a3fc7e5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:52b446198cabebb843d3389f5ac7c445dc244d104464dd604371436595341851_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:6cfbd36d094fa24981d5687c46bcbedfab69c8d20628565189eedbb4724ee225_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:90374d9017fad93df9799888f4f5c8af7d6dbefec5a3e8079557ae17be19030d_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:2caddd7da03ee120f6716445ef849faa57757826d74143b12bb953290fef0933_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:012aa4f6f263d64150b50a8ee2031032c4fbab3e6e8d7d17216259fa74e97ec5_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:0bee91bd941738259926aff0b487f0c0de84014c3e1140d2e4d65fe190214fe1_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:4ca513e3b3253892e1d6dbc12f696ca7cbd24d9aa47ad1001f79ebd7195d5692_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:539112fe034588cd25757bddcc44508ba69bb65a305cd16e56e640b91a4b2d2f_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:68ba096240d2100ac422268828041a022614f168f4756c4dc92e672e4e1a5c24_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:6b7614b921943a2332f2d6e911db7c9c4c3dbb91988b849bdcb892f966e412f6_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:0b8a4fcb7de64ecb88c7d579d9c068438be341fd26530b725800acda04991ab3_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:5103d73962109f640c01218728cfabb48e7e9c77446ca571a0a0a887741afab4_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:e0e5b0904e68656912d707479cd8465f9e793dc22f24accb7ebc5b118b5268af_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:8a1b73889617f5613538d6a04dd09d7b2e67d911d1efa897deac7ca90c7f076c_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:90e95b67ad19c9725e6c48da5d3e0f8133d7d0a314d26d10f938dc1c57f665b6_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d6eb862cdc8332aed78bb0e876c1fce7815d41c31519e2ec8e3348307cf87ef4_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9b1b143b2be3e1b7d82293cf18d3c0f1eef39f9e3c6cbedf3a1b250b4aab87_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4ec0788137371540c19b31f950a52bc545b2614e785fea4256046cd10bab40d9_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:71003965d73d308a80ca3c3b23906bde0613de3840233eb55826a1ccfa683c8a_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:0ec53f8efce670aacf0ce3d604a77d5b37860974f414c3f9f76b8d6d3259ae66_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1597687c75b7c671e1043124c2c5b483139de7eff388553545f19cfb593b1a3a_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8116aff94708793be9fe9d0479d6350a02f9efa7857c0261ebe4c0d8ef6d7422_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-33194" }, { "category": "external", "summary": "RHBZ#1963232", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963232" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33194", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33194" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194" }, { "category": "external", "summary": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", "url": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ" } ], "release_date": "2021-05-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:3a0730bd7bebc53b00899c52851c2f8b7b8b69580077d78d5082724fc75cb5c0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9808a759742d9a992f995e48378f7d609775daee260a49c89a5f04abefbf0eef_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e0733842d440d5a6c7e57bc0f70c743e545d796bc1756cea48e1a24037f07b49_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:6149e72c8c94910c8ad438e477186caf0b85730ffbf6c3f5277027d963804e50_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:6d6ba1903a08f13b718ac33114fa064b8c91e3c995fce3fcb6ea8ac31ef96281_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ca5e6be59e43f3786c77531d593b44004888568ffb03d01e524349015e53e624_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4627" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:3a0730bd7bebc53b00899c52851c2f8b7b8b69580077d78d5082724fc75cb5c0_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9808a759742d9a992f995e48378f7d609775daee260a49c89a5f04abefbf0eef_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:e0733842d440d5a6c7e57bc0f70c743e545d796bc1756cea48e1a24037f07b49_amd64", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:6149e72c8c94910c8ad438e477186caf0b85730ffbf6c3f5277027d963804e50_ppc64le", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:6d6ba1903a08f13b718ac33114fa064b8c91e3c995fce3fcb6ea8ac31ef96281_s390x", "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:ca5e6be59e43f3786c77531d593b44004888568ffb03d01e524349015e53e624_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: x/net/html: infinite loop in ParseFragment" } ] }
rhsa-2021_3759
Vulnerability from csaf_redhat
Published
2021-10-18 17:26
Modified
2021-10-18 17:26
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.9.0 bug fix and security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.9.0 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.0. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHSA-2021:3758
Security Fix(es):
* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)
* sanitize-html: improper handling of internationalized domain name (IDN) can lead to bypass hostname whitelist validation (CVE-2021-26539)
* sanitize-html: improper validation of hostnames set by the "allowedIframeHostnames" option can lead to bypass hostname whitelist for iframe element (CVE-2021-26540)
* nodejs-is-svg: ReDoS via malicious string (CVE-2021-28092)
* nodejs-is-svg: Regular expression denial of service if the application is provided and checks a crafted invalid SVG string (CVE-2021-29059)
* golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header (CVE-2021-31525)
* helm: information disclosure vulnerability (CVE-2021-32690)
* golang: x/net/html: infinite loop in ParseFragment (CVE-2021-33194)
* golang: net: lookup functions may return invalid host names (CVE-2021-33195)
* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)
* golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198)
* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.
You may download the oc tool and use it to inspect release image metadata as follows:
(For x86_64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.0-x86_64
The image digest is sha256:d262a12de33125907e0b75a5ea34301dd27c4a6bde8295f6b922411f07623e61
(For s390x architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.0-s390x
The image digest is sha256:d262a12de33125907e0b75a5ea34301dd27c4a6bde8295f6b922411f07623e61
(For ppc64le architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.0-ppc64le
The image digest is sha256:d262a12de33125907e0b75a5ea34301dd27c4a6bde8295f6b922411f07623e61
All OpenShift Container Platform 4.9 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available
at https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 2023 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Container Platform release 4.9.0 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.9.0. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHSA-2021:3758\n\nSecurity Fix(es):\n\n* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)\n\n* sanitize-html: improper handling of internationalized domain name (IDN) can lead to bypass hostname whitelist validation (CVE-2021-26539)\n\n* sanitize-html: improper validation of hostnames set by the \"allowedIframeHostnames\" option can lead to bypass hostname whitelist for iframe element (CVE-2021-26540)\n\n* nodejs-is-svg: ReDoS via malicious string (CVE-2021-28092)\n\n* nodejs-is-svg: Regular expression denial of service if the application is provided and checks a crafted invalid SVG string (CVE-2021-29059)\n\n* golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header (CVE-2021-31525)\n\n* helm: information disclosure vulnerability (CVE-2021-32690)\n\n* golang: x/net/html: infinite loop in ParseFragment (CVE-2021-33194)\n\n* golang: net: lookup functions may return invalid host names (CVE-2021-33195)\n\n* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)\n\n* golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198)\n\n* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nThis update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.\n\nYou may download the oc tool and use it to inspect release image metadata as follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.0-x86_64\n\nThe image digest is sha256:d262a12de33125907e0b75a5ea34301dd27c4a6bde8295f6b922411f07623e61\n\n(For s390x architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.0-s390x\n\nThe image digest is sha256:d262a12de33125907e0b75a5ea34301dd27c4a6bde8295f6b922411f07623e61\n\n(For ppc64le architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.0-ppc64le\n\nThe image digest is sha256:d262a12de33125907e0b75a5ea34301dd27c4a6bde8295f6b922411f07623e61\n\nAll OpenShift Container Platform 4.9 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available\nat https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:3759", "url": "https://access.redhat.com/errata/RHSA-2021:3759" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_3759.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 4.9.0 bug fix and security update", "tracking": { "current_release_date": "2021-10-18T17:26:00Z", "generator": { "date": "2023-07-01T05:08:00Z", "engine": { "name": "Red Hat SDEngine", "version": "3.18.0" } }, "id": "RHSA-2021:3759", "initial_release_date": "2021-10-18T17:26:00Z", "revision_history": [ { "date": "2021-10-18T17:26:00Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.9", "product": { "name": "Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.9::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "category": "product_version", "name": "openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "product": { "name": "openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "product_id": "openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream" } }, { "category": "product_version", "name": "openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "product": { "name": "openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "product_id": "openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream" } }, { "category": "product_version", "name": "openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "product": { "name": "openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "product_id": "openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream" } }, { "category": "product_version", "name": "openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "product": { "name": "openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "product_id": "openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "product": { "name": "openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "product_id": "openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "product": { "name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "product_id": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "product": { "name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "product_id": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "product": { "name": "openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "product_id": "openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "product": { "name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "product_id": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "product": { "name": "openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "product_id": "openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "product": { "name": "openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "product_id": "openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "product": { "name": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "product_id": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "product": { "name": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "product_id": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "product": { "name": "openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "product_id": "openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "product": { "name": "openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "product_id": "openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "product": { "name": "openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "product_id": "openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "product": { "name": "openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "product_id": "openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "product": { "name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "product_id": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "product": { "name": "openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "product_id": "openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "product": { "name": "openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "product_id": "openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "product": { "name": "openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "product_id": "openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "product": { "name": "openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "product_id": "openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "product": { "name": "openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "product_id": "openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "product": { "name": "openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "product_id": "openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "product": { "name": "openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "product_id": "openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "product": { "name": "openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "product_id": "openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "product": { "name": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "product_id": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "product": { "name": "openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "product_id": "openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "product": { "name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "product_id": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "product": { "name": "openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "product_id": "openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "product": { "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "product_id": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "product": { "name": "openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "product_id": "openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "product": { "name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "product_id": "openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "product": { "name": "openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "product_id": "openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "product": { "name": "openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "product_id": "openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "product": { "name": "openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "product_id": "openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "product": { "name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "product_id": "openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "product": { "name": "openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "product_id": "openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "product": { "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "product_id": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "product": { "name": "openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "product_id": "openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "product": { "name": "openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "product_id": "openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "product": { "name": "openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "product_id": "openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "product": { "name": "openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "product_id": "openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "product": { "name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "product_id": "openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "product": { "name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "product_id": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "product": { "name": "openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "product_id": "openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "product": { "name": "openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "product_id": "openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "product": { "name": "openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "product_id": "openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "product": { "name": "openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "product_id": "openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "product": { "name": "openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "product_id": "openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "product": { "name": "openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "product_id": "openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "product": { "name": "openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "product_id": "openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "product": { "name": "openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "product_id": "openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8" } }, { "category": "product_version", "name": "openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "product": { "name": "openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "product_id": "openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "product": { "name": "openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "product_id": "openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "product": { "name": "openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "product_id": "openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "product": { "name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "product_id": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "product": { "name": "openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "product_id": "openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "product": { "name": "openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "product_id": "openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "product": { "name": "openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "product_id": "openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "product": { "name": "openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "product_id": "openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "product": { "name": "openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "product_id": "openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "product": { "name": "openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "product_id": "openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "product": { "name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "product_id": "openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "product": { "name": "openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "product_id": "openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "product": { "name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "product_id": "openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "product": { "name": "openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "product_id": "openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "product": { "name": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "product_id": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "product": { "name": "openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "product_id": "openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "product": { "name": "openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "product_id": "openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "product": { "name": "openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "product_id": "openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream", "product": { "name": "openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream", "product_id": "openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "product": { "name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "product_id": "openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "product": { "name": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "product_id": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "product": { "name": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "product_id": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "product": { "name": "openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "product_id": "openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "product": { "name": "openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "product_id": "openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "product": { "name": "openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "product_id": "openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "product": { "name": "openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "product_id": "openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "product": { "name": "openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "product_id": "openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "product": { "name": "openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "product_id": "openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "product": { "name": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "product_id": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "product": { "name": "openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "product_id": "openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "product": { "name": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "product_id": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "product": { "name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "product_id": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "product": { "name": "openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "product_id": "openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "product": { "name": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "product_id": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "product": { "name": "openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "product_id": "openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "product": { "name": "openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "product_id": "openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "product": { "name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "product_id": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "product": { "name": "openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "product_id": "openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "product": { "name": "openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "product_id": "openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "product": { "name": "openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "product_id": "openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "product": { "name": "openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "product_id": "openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "product": { "name": "openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "product_id": "openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "product": { "name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "product_id": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "product": { "name": "openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "product_id": "openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "product": { "name": "openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "product_id": "openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "product": { "name": "openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "product_id": "openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "product": { "name": "openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "product_id": "openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "product": { "name": "openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "product_id": "openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "product": { "name": "openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "product_id": "openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "product": { "name": "openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "product_id": "openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "product": { "name": "openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "product_id": "openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "product": { "name": "openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "product_id": "openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "product": { "name": "openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "product_id": "openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "product": { "name": "openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "product_id": "openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "product": { "name": "openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "product_id": "openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "product": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "product_id": "openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "product": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "product_id": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "product": { "name": "openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "product_id": "openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "product": { "name": "openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "product_id": "openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "product": { "name": "openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "product_id": "openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "product": { "name": "openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "product_id": "openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "product": { "name": "openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "product_id": "openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "product": { "name": "openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "product_id": "openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "product": { "name": "openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "product_id": "openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "product": { "name": "openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "product_id": "openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "product": { "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "product_id": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "product": { "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "product_id": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "product": { "name": "openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "product_id": "openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "product": { "name": "openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "product_id": "openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "product": { "name": "openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "product_id": "openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "product": { "name": "openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "product_id": "openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "product": { "name": "openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "product_id": "openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "product": { "name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "product_id": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "product": { "name": "openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "product_id": "openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "product": { "name": "openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "product_id": "openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "product": { "name": "openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "product_id": "openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "product": { "name": "openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "product_id": "openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "product": { "name": "openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "product_id": "openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "product": { "name": "openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "product_id": "openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "product": { "name": "openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "product_id": "openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "product": { "name": "openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "product_id": "openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "product": { "name": "openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "product_id": "openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "product": { "name": "openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "product_id": "openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "product": { "name": "openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "product_id": "openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "product": { "name": "openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "product_id": "openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "product": { "name": "openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "product_id": "openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "product": { "name": "openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "product_id": "openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "product": { "name": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "product_id": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "product": { "name": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "product_id": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "product": { "name": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "product_id": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "product": { "name": "openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "product_id": "openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "product": { "name": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "product_id": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "product": { "name": "openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "product_id": "openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "product": { "name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "product_id": "openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream", "product": { "name": "openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream", "product_id": "openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" } } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream" }, "product_reference": "openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream" }, "product_reference": "openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream" }, "product_reference": "openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream" }, "product_reference": "openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream" }, "product_reference": "openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream" }, "product_reference": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream" }, "product_reference": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream" }, "product_reference": "openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream" }, "product_reference": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream" }, "product_reference": "openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream" }, "product_reference": "openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream" }, "product_reference": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream" }, "product_reference": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream" }, "product_reference": "openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream" }, "product_reference": "openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream" }, "product_reference": "openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream" }, "product_reference": "openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream" }, "product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream" }, "product_reference": "openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream" }, "product_reference": "openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream" }, "product_reference": "openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream" }, "product_reference": "openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream" }, "product_reference": "openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream" }, "product_reference": "openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream" }, "product_reference": "openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream" }, "product_reference": "openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream" }, "product_reference": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream" }, "product_reference": "openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream" }, "product_reference": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream" }, "product_reference": "openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream" }, "product_reference": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream" }, "product_reference": "openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream" }, "product_reference": "openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream" }, "product_reference": "openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream" }, "product_reference": "openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream" }, "product_reference": "openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream" }, "product_reference": "openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream" }, "product_reference": "openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream" }, "product_reference": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream" }, "product_reference": "openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream" }, "product_reference": "openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream" }, "product_reference": "openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream" }, "product_reference": "openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream" }, "product_reference": "openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream" }, "product_reference": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream" }, "product_reference": "openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream" }, "product_reference": "openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream" }, "product_reference": "openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream" }, "product_reference": "openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream" }, "product_reference": "openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream" }, "product_reference": "openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream" }, "product_reference": "openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8 as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8" }, "product_reference": "openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream" }, "product_reference": "openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream" }, "product_reference": "openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream" }, "product_reference": "openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream" }, "product_reference": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream" }, "product_reference": "openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream" }, "product_reference": "openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream" }, "product_reference": "openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream" }, "product_reference": "openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream" }, "product_reference": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream" }, "product_reference": "openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream" }, "product_reference": "openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream" }, "product_reference": "openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream" }, "product_reference": "openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream" }, "product_reference": "openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream" }, "product_reference": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream" }, "product_reference": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream" }, "product_reference": "openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream" }, "product_reference": "openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream" }, "product_reference": "openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream" }, "product_reference": "openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream" }, "product_reference": "openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream" }, "product_reference": "openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream" }, "product_reference": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream" }, "product_reference": "openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream" }, "product_reference": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream" }, "product_reference": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream" }, "product_reference": "openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream" }, "product_reference": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream" }, "product_reference": "openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream" }, "product_reference": "openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream" }, "product_reference": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream" }, "product_reference": "openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream" }, "product_reference": "openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream" }, "product_reference": "openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream" }, "product_reference": "openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream" }, "product_reference": "openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream" }, "product_reference": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream" }, "product_reference": "openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream" }, "product_reference": "openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream" }, "product_reference": "openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream" }, "product_reference": "openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream" }, "product_reference": "openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream" }, "product_reference": "openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream" }, "product_reference": "openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream" }, "product_reference": "openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream" }, "product_reference": "openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream" }, "product_reference": "openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream" }, "product_reference": "openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream" }, "product_reference": "openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream" }, "product_reference": "openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream" }, "product_reference": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream" }, "product_reference": "openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream" }, "product_reference": "openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream" }, "product_reference": "openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream" }, "product_reference": "openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream" }, "product_reference": "openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream" }, "product_reference": "openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream" }, "product_reference": "openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream" }, "product_reference": "openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream" }, "product_reference": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream" }, "product_reference": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream" }, "product_reference": "openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream" }, "product_reference": "openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream" }, "product_reference": "openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream" }, "product_reference": "openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream" }, "product_reference": "openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream" }, "product_reference": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream" }, "product_reference": "openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream" }, "product_reference": "openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream" }, "product_reference": "openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream" }, "product_reference": "openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream" }, "product_reference": "openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream" }, "product_reference": "openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream" }, "product_reference": "openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream" }, "product_reference": "openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream" }, "product_reference": "openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream" }, "product_reference": "openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream" }, "product_reference": "openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream" }, "product_reference": "openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream" }, "product_reference": "openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream" }, "product_reference": "openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream" }, "product_reference": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream" }, "product_reference": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream" }, "product_reference": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream" }, "product_reference": "openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream" }, "product_reference": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream" }, "product_reference": "openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream" }, "product_reference": "openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream as a component of Red Hat OpenShift Container Platform 4.9", "product_id": "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" }, "product_reference": "openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.9" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-3121", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "discovery_date": "2021-01-28T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in github.com/gogo/protobuf before 1.3.2 that allows an out-of-bounds access when unmarshalling certain protobuf objects. This flaw allows a remote attacker to send crafted protobuf messages, causing panic and resulting in a denial of service. The highest threat from this vulnerability is to availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3121", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3121" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121" }, { "category": "external", "summary": "CVE-2021-3121", "url": "https://access.redhat.com/security/cve/CVE-2021-3121" }, { "category": "external", "summary": "bz#1921650: CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650" } ], "release_date": "2021-01-11T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:3759" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-01-28T00:00:00Z", "details": "Important" } ], "title": "CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation" }, { "cve": "CVE-2021-26539", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-02-08T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1932362" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "Apostrophe Technologies sanitize-html before 2.3.1 does not properly handle internationalized domain name (IDN) which could allow an attacker to bypass hostname whitelist validation set by the \"allowedIframeHostnames\" option.", "title": "Vulnerability description" }, { "category": "summary", "text": "sanitize-html: improper handling of internationalized domain name (IDN) can lead to bypass hostname whitelist validation", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-26539", "url": "https://www.cve.org/CVERecord?id=CVE-2021-26539" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26539", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26539" }, { "category": "external", "summary": "CVE-2021-26539", "url": "https://access.redhat.com/security/cve/CVE-2021-26539" }, { "category": "external", "summary": "bz#1932362: CVE-2021-26539 sanitize-html: improper handling of internationalized domain name (IDN) can lead to bypass hostname whitelist validation", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932362" } ], "release_date": "2021-01-22T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:3759" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-02-08T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-26539 sanitize-html: improper handling of internationalized domain name (IDN) can lead to bypass hostname whitelist validation" }, { "cve": "CVE-2021-26540", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-02-08T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1932323" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the \"allowedIframeHostnames\" option when the \"allowIframeRelativeUrls\" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with \"/\\\\example.com\".", "title": "Vulnerability description" }, { "category": "summary", "text": "sanitize-html: improper validation of hostnames set by the \"allowedIframeHostnames\" option can lead to bypass hostname whitelist for iframe element", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-26540", "url": "https://www.cve.org/CVERecord?id=CVE-2021-26540" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26540", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26540" }, { "category": "external", "summary": "CVE-2021-26540", "url": "https://access.redhat.com/security/cve/CVE-2021-26540" }, { "category": "external", "summary": "bz#1932323: CVE-2021-26540 sanitize-html: improper validation of hostnames set by the \"allowedIframeHostnames\" option can lead to bypass hostname whitelist for iframe element", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932323" } ], "release_date": "2021-01-26T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:3759" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-02-08T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-26540 sanitize-html: improper validation of hostnames set by the \"allowedIframeHostnames\" option can lead to bypass hostname whitelist for iframe element" }, { "cve": "CVE-2021-28092", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-12T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1939103" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in is-svg package. A malicious string provided by an attacker may lead to Regular Expression Denial of Service (ReDoS).\r\nThe highest threat from this vulnerability is to availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-is-svg: ReDoS via malicious string", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-28092", "url": "https://www.cve.org/CVERecord?id=CVE-2021-28092" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-28092", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28092" }, { "category": "external", "summary": "CVE-2021-28092", "url": "https://access.redhat.com/security/cve/CVE-2021-28092" }, { "category": "external", "summary": "bz#1939103: CVE-2021-28092 nodejs-is-svg: ReDoS via malicious string", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939103" } ], "release_date": "2021-03-11T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:3759" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-03-12T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-28092 nodejs-is-svg: ReDoS via malicious string" }, { "cve": "CVE-2021-29059", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-06-22T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1974839" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in IS-SVG where a Regular Expression Denial of Service (ReDOS) occurs if the application is provided and checks a crafted invalid SVG string. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-is-svg: Regular expression denial of service if the application is provided and checks a crafted invalid SVG string", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-29059", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29059" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29059", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29059" }, { "category": "external", "summary": "CVE-2021-29059", "url": "https://access.redhat.com/security/cve/CVE-2021-29059" }, { "category": "external", "summary": "bz#1974839: CVE-2021-29059 nodejs-is-svg: Regular expression denial of service if the application is provided and checks a crafted invalid SVG string", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974839" } ], "release_date": "2021-06-21T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:3759" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-06-22T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-29059 nodejs-is-svg: Regular expression denial of service if the application is provided and checks a crafted invalid SVG string" }, { "cve": "CVE-2021-31525", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2021-05-06T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1958341" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A vulnerability was detected in net/http of the Go standard library when parsing very large HTTP header values, causing a crash and subsequent denial of service. This vulnerability affects both clients and servers written in Go, however, servers are only vulnerable if the value of MaxHeaderBytes has been increased from the default.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-31525", "url": "https://www.cve.org/CVERecord?id=CVE-2021-31525" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-31525", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31525" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc", "url": "https://groups.google.com/g/golang-announce/c/cu9SP4eSXMc" }, { "category": "external", "summary": "CVE-2021-31525", "url": "https://access.redhat.com/security/cve/CVE-2021-31525" }, { "category": "external", "summary": "bz#1958341: CVE-2021-31525 golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1958341" } ], "release_date": "2021-04-22T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:3759" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-05-06T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-31525 golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header" }, { "cve": "CVE-2021-32690", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2021-06-17T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1978144" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A vulnerability was discovered in Helm, which could allow credentials associated with one Helm repository to be leaked to another repository referenced by the first one. In order to exploit this vulnerability, an attacker would need to control a repository trusted by the configuration of the target Helm instance.", "title": "Vulnerability description" }, { "category": "summary", "text": "information disclosure vulnerability", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8" ], "known_not_affected": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-32690", "url": "https://www.cve.org/CVERecord?id=CVE-2021-32690" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-32690", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32690" }, { "category": "external", "summary": "https://github.com/helm/helm/security/advisories/GHSA-56hp-xqp3-w2jf", "url": "https://github.com/helm/helm/security/advisories/GHSA-56hp-xqp3-w2jf" }, { "category": "external", "summary": "CVE-2021-32690", "url": "https://access.redhat.com/security/cve/CVE-2021-32690" }, { "category": "external", "summary": "bz#1978144: information disclosure vulnerability", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1978144" } ], "release_date": "2021-06-16T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8" ], "url": "https://access.redhat.com/errata/RHSA-2021:3759" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8" ] } ], "threats": [ { "category": "impact", "date": "2021-06-17T00:00:00Z", "details": "Moderate" } ], "title": "information disclosure vulnerability" }, { "cve": "CVE-2021-33194", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2021-05-20T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1963232" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in golang. An attacker can craft an input to ParseFragment within parse.go that would cause it to enter an infinite loop and never return. The greatest threat to the system is of availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: x/net/html: infinite loop in ParseFragment", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33194", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33194" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194" }, { "category": "external", "summary": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", "url": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ" }, { "category": "external", "summary": "CVE-2021-33194", "url": "https://access.redhat.com/security/cve/CVE-2021-33194" }, { "category": "external", "summary": "bz#1963232: CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963232" } ], "release_date": "2021-05-20T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:3759" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-05-20T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment" }, { "cve": "CVE-2021-33195", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-08-02T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1989564" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in Go. The LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in the net package and methods on the Resolver type, may return arbitrary values retrieved from DNS, allowing injection of unexpected contents. The highest threat from this vulnerability is to integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net: lookup functions may return invalid host names", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33195", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33195" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33195", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33195" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI", "url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI" }, { "category": "external", "summary": "CVE-2021-33195", "url": "https://access.redhat.com/security/cve/CVE-2021-33195" }, { "category": "external", "summary": "bz#1989564: CVE-2021-33195 golang: net: lookup functions may return invalid host names", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989564" } ], "release_date": "2021-05-18T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:3759" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-08-02T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-33195 golang: net: lookup functions may return invalid host names" }, { "cve": "CVE-2021-33197", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-08-02T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1989570" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in Go, acting as an unintended proxy or intermediary, where ReverseProxy forwards connection headers if the first one was empty. This flaw allows an attacker to drop arbitrary headers. The highest threat from this vulnerability is to integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33197", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33197" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33197", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33197" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI", "url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI" }, { "category": "external", "summary": "CVE-2021-33197", "url": "https://access.redhat.com/security/cve/CVE-2021-33197" }, { "category": "external", "summary": "bz#1989570: CVE-2021-33197 golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989570" } ], "release_date": "2021-05-21T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:3759" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-08-02T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-33197 golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty" }, { "cve": "CVE-2021-33198", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-08-02T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1989575" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in Go, where it attempts to allocate excessive memory. This issue may cause panic or unrecoverable fatal error if passed inputs with very large exponents. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33198", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33198" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33198", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33198" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI", "url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI" }, { "category": "external", "summary": "CVE-2021-33198", "url": "https://access.redhat.com/security/cve/CVE-2021-33198" }, { "category": "external", "summary": "bz#1989575: CVE-2021-33198 golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989575" } ], "release_date": "2021-03-10T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:3759" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-08-02T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-33198 golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents" }, { "cve": "CVE-2021-34558", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-07-14T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate\u0027s private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0\u20131.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.9:openshift4/driver-toolkit-rhel8:v4.9.0-202110052311.p0.git.25c3513.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-alt-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/egress-router-cni-rhel8:v4.9.0-202109302317.p0.git.099b756.assembly.stream", "8Base-RHOSE-4.9:openshift4/network-tools-rhel8:v4.9.0-202110081859.p0.git.ed0b846.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.18d82a6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.e8e2cb3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.9.0-202109302317.p0.git.26f1b6f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-machine-controllers:v4.9.0-202109302317.p0.git.f5013d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.9.0-202109302317.p0.git.175f98f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-cloud-node-manager-rhel8:v4.9.0-202109302317.p0.git.c02678d.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.60fd0ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-disk-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ade7373.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-azure-machine-controllers:v4.9.0-202109302317.p0.git.c689e78.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-machine-controllers:v4.9.0-202109302317.p0.git.1c81cab.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-rhel8-operator:v4.9.0-202109302317.p0.git.cf45440.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-baremetal-runtimecfg-rhel8:v4.9.0-202109302317.p0.git.066cf9f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cli:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cloud-credential-operator:v4.9.0-202109302317.p0.git.0d83e9b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-authentication-operator:v4.9.0-202109302317.p0.git.b6c02e6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler-operator:v4.9.0-202109302317.p0.git.4a69154.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-autoscaler:v4.9.0-202109302016.p0.git.68fe93a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8:v4.9.0-202109302317.p0.git.fc2865a.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-bootstrap:v4.9.0-202109302317.p0.git.7e074a7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-cloud-controller-manager-operator-rhel8:v4.9.0-202109302317.p0.git.2b9246c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-config-operator:v4.9.0-202109302317.p0.git.f901f5b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.9.0-202110010218.p0.git.c750d4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-dns-operator:v4.9.0-202109302317.p0.git.083d37c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-etcd-rhel8-operator:v4.9.0-202109302317.p0.git.a6820f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-image-registry-operator:v4.9.0-202110010218.p0.git.48485bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-ingress-operator:v4.9.0-202109302317.p0.git.9aa4433.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-apiserver-operator:v4.9.0-202109302317.p0.git.ea2ec3b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-controller-manager-operator:v4.9.0-202109302317.p0.git.7766edf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-scheduler-operator:v4.9.0-202109302317.p0.git.c90e03f.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.9.0-202109302317.p0.git.c45ac14.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-machine-approver:v4.9.0-202109302317.p0.git.093c444.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator:v4.9.0-202109302317.p0.git.79cdf68.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-network-operator:v4.9.0-202109302317.p0.git.8437b07.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-node-tuning-operator:v4.9.0-202109302317.p0.git.9284381.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-apiserver-operator:v4.9.0-202109302317.p0.git.4cc29cf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-openshift-controller-manager-operator:v4.9.0-202109302317.p0.git.3015cb8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-policy-controller-rhel8:v4.9.0-202109302317.p0.git.8fbffaf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-samples-operator:v4.9.0-202109302016.p0.git.49a97d3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-storage-operator:v4.9.0-202109302317.p0.git.2e76e02.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-update-keys:v4.9.0-202109302317.p0.git.3e20043.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-cluster-version-operator:v4.9.0-202110081830.p0.git.1f15159.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-configmap-reloader:v4.9.0-202109302317.p0.git.b84b5bf.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console-operator:v4.9.0-202110010218.p0.git.b805832.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-console:v4.9.0-202110130449.p0.git.8c077e4.assembly.rc.8", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-alt-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-container-networking-plugins-rhel8:v4.9.0-202109302317.p0.git.44a4913.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-coredns:v4.9.0-202109302317.p0.git.3cb11c0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8-operator:v4.9.0-202109302317.p0.git.fd2d838.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-manila-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-driver-nfs-rhel8:v4.9.0-202109302317.p0.git.0e0c173.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher-rhel8:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-attacher:v4.9.0-202109302317.p0.git.0a1737c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer-rhel8:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-resizer:v4.9.0-202109302317.p0.git.dad46d0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-external-snapshotter:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-controller:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.9.0-202109302317.p0.git.52ab893.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-deployer:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-builder:v4.9.0-202109302016.p0.git.50d5b91.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-docker-registry:v4.9.0-202109302317.p0.git.50d54ae.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-machine-controllers-rhel8:v4.9.0-202110011856.p0.git.d92b088.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.b1a29ea.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.9.0-202109302317.p0.git.48d49f7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-grafana:v4.9.0-202109302317.p0.git.6130ba8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-haproxy-router:v4.9.0-202109302317.p0.git.2d1e1f4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-hyperkube:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-insights-rhel8-operator:v4.9.0-202109302317.p0.git.51e4523.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-installer:v4.9.0-202110082228.p0.git.6e5b992.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.9.0-202109302016.p0.git.1d3d07b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-inspector-rhel8:v4.9.0-202109302016.p0.git.9474b75.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-ipa-downloader-rhel8:v4.9.0-202109302016.p0.git.6e9af39.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.9.0-202109302016.p0.git.a367c21.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-rhel8:v4.9.0-202110071025.p0.git.ab287f6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ironic-static-ip-manager-rhel8:v4.9.0-202109302016.p0.git.d13dccb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.9.0-202110011028.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-jenkins:v4.9.0-202109302317.p0.git.aa28a4b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-k8s-prometheus-adapter:v4.9.0-202109302317.p0.git.adfdd41.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-keepalived-ipfailover:v4.9.0-202109302317.p0.git.f93eca8.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-proxy:v4.9.0-202109302317.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-state-metrics:v4.9.0-202109302317.p0.git.6e41dbd.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kube-storage-version-migrator-rhel8:v4.9.0-202109302317.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-cni-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-kuryr-controller-rhel8:v4.9.0-202109302016.p0.git.e66f211.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-libvirt-machine-controllers:v4.9.0-202109302317.p0.git.59ae2ed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-api-operator:v4.9.0-202109302317.p0.git.38efcc6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator:v4.9.0-202109302317.p0.git.d2d236b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-mdns-publisher-rhel8:v4.9.0-202109302317.p0.git.266597b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-admission-controller:v4.9.0-202109302317.p0.git.3c28a57.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni-alt-rhel8:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-cni:v4.9.0-202109302317.p0.git.5e081d5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-networkpolicy-rhel8:v4.9.0-202109302317.p0.git.fd12fed.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-alt-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-route-override-cni-rhel8:v4.9.0-202109302016.p0.git.707dd38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-alt-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.9.0-202109302016.p0.git.d291d96.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-must-gather:v4.9.0-202109302317.p0.git.d4b3f38.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-network-metrics-daemon-rhel8:v4.9.0-202109302317.p0.git.9fd6103.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-apiserver-rhel8:v4.9.0-202109302317.p0.git.6e0f921.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-proxy:v4.9.0-202109302016.p0.git.9ea1ebc.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-oauth-server-rhel8:v4.9.0-202109302317.p0.git.a51e181.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-apiserver-rhel8:v4.9.0-202109302317.p0.git.272f995.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-controller-manager-rhel8:v4.9.0-202109302317.p0.git.eda2db6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openshift-state-metrics-rhel8:v4.9.0-202109302317.p0.git.689af8b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.6f34668.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-cloud-controller-manager-rhel8:v4.9.0-202109302317.p0.git.ddbc0e4.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-openstack-machine-controllers:v4.9.0-202109302317.p0.git.a7442bb.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-lifecycle-manager:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-marketplace:v4.9.0-202109302317.p0.git.cfc16ec.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-operator-registry:v4.9.0-202109302317.p0.git.32eb259.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovirt-machine-controllers-rhel8:v4.9.0-202109302317.p0.git.2262c7c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes:v4.9.0-202110081859.p0.git.100ec23.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-pod:v4.9.0-202110080828.p0.git.894a78b.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prom-label-proxy:v4.9.0-202109302016.p0.git.4d11d13.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-alertmanager:v4.9.0-202109302016.p0.git.579e3c6.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-config-reloader:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-node-exporter:v4.9.0-202109302016.p0.git.1ab97f3.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus-operator:v4.9.0-202109302317.p0.git.ce7d979.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-prometheus:v4.9.0-202109302016.p0.git.3197fa7.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-sdn-rhel8:v4.9.0-202110041951.p0.git.9647cb0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-service-ca-operator:v4.9.0-202109302317.p0.git.ab44f58.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-telemeter:v4.9.0-202109302317.p0.git.03842e0.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tests:v4.9.0-202110011028.p0.git.6105395.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-thanos-rhel8:v4.9.0-202109302317.p0.git.e0fa82c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8:v4.9.0-202109302317.p0.git.96e95ce.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.9.0-202109302317.p0.git.09517b5.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.9.0-202109302317.p0.git.4ece3d1.assembly.stream", "8Base-RHOSE-4.9:openshift4/ose-vsphere-problem-detector-rhel8:v4.9.0-202109302317.p0.git.646689c.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8-operator:v4.9.0-202109302317.p0.git.7fe7f8e.assembly.stream", "8Base-RHOSE-4.9:openshift4/ovirt-csi-driver-rhel8:v4.9.0-202109302317.p0.git.22a3b88.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-34558", "url": "https://www.cve.org/CVERecord?id=CVE-2021-34558" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558" }, { "category": "external", "summary": "https://golang.org/doc/devel/release#go1.15.minor", "url": "https://golang.org/doc/devel/release#go1.15.minor" }, { "category": "external", "summary": "https://golang.org/doc/devel/release#go1.16.minor", "url": "https://golang.org/doc/devel/release#go1.16.minor" }, { "category": "external", "summary": "CVE-2021-34558", "url": "https://access.redhat.com/security/cve/CVE-2021-34558" }, { "category": "external", "summary": "bz#1983596: CVE-2021-34558 golang: crypto/tls: certificate of wrong type is causing TLS client to panic", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596" } ], "release_date": "2021-07-13T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:3759" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.9:openshift4/ose-etcd:v4.9.0-202109302317.p0.git.5c1feaf.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-07-14T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-34558 golang: crypto/tls: certificate of wrong type is causing TLS client to panic" } ] }
rhsa-2021_2438
Vulnerability from csaf_redhat
Published
2021-07-27 22:30
Modified
2021-07-27 22:30
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.8.2 bug fix and security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.8.2 is now available with
updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.8.2. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHSA-2021:2437
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html
Security Fix(es):
* SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)
* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)
* nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774)
* etcd: Large slice causes panic in decodeRecord method (CVE-2020-15106)
* etcd: DoS in wal/wal.go (CVE-2020-15112)
* etcd: directories created via os.MkdirAll are not checked for permissions (CVE-2020-15113)
* etcd: gateway can include itself as an endpoint resulting in resource exhaustion and leads to DoS (CVE-2020-15114)
* etcd: no authentication is performed against endpoints provided in the --endpoints flag (CVE-2020-15136)
* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)
* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)
* nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions (CVE-2020-28500)
* golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852)
* golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)
* containernetworking-cni: Arbitrary path injection via type field in CNI configuration (CVE-2021-20206)
* containers/storage: DoS via malicious image (CVE-2021-20291)
* prometheus: open redirect under the /new endpoint (CVE-2021-29622)
* golang: x/net/html: infinite loop in ParseFragment (CVE-2021-33194)
* go.elastic.co/apm: leaks sensitive HTTP headers during panic (CVE-2021-22133)
Space precludes listing in detail the following additional CVEs fixes: (CVE-2021-27292), (CVE-2021-28092), (CVE-2021-29059), (CVE-2021-23382), (CVE-2021-26539), (CVE-2021-26540), (CVE-2021-23337), (CVE-2021-23362) and (CVE-2021-23368)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
You may download the oc tool and use it to inspect release image metadata as follows:
(For x86_64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.8.2-x86_64
The image digest is ssha256:0e82d17ababc79b10c10c5186920232810aeccbccf2a74c691487090a2c98ebc
(For s390x architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.8.2-s390x
The image digest is sha256:a284c5c3fa21b06a6a65d82be1dc7e58f378aa280acd38742fb167a26b91ecb5
(For ppc64le architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.8.2-ppc64le
The image digest is sha256:da989b8e28bccadbb535c2b9b7d3597146d14d254895cd35f544774f374cdd0f
All OpenShift Container Platform 4.8 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available
at https://docs.openshift.com/container-platform/4.8/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 2023 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Container Platform release 4.8.2 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.8.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.8.2. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHSA-2021:2437\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nSecurity Fix(es):\n\n* SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) (CVE-2016-2183)\n\n* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)\n\n* nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774)\n\n* etcd: Large slice causes panic in decodeRecord method (CVE-2020-15106)\n\n* etcd: DoS in wal/wal.go (CVE-2020-15112)\n\n* etcd: directories created via os.MkdirAll are not checked for permissions (CVE-2020-15113)\n\n* etcd: gateway can include itself as an endpoint resulting in resource exhaustion and leads to DoS (CVE-2020-15114)\n\n* etcd: no authentication is performed against endpoints provided in the --endpoints flag (CVE-2020-15136)\n\n* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)\n\n* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n* nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions (CVE-2020-28500)\n\n* golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852)\n\n* golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)\n\n* containernetworking-cni: Arbitrary path injection via type field in CNI configuration (CVE-2021-20206)\n\n* containers/storage: DoS via malicious image (CVE-2021-20291)\n\n* prometheus: open redirect under the /new endpoint (CVE-2021-29622)\n\n* golang: x/net/html: infinite loop in ParseFragment (CVE-2021-33194)\n\n* go.elastic.co/apm: leaks sensitive HTTP headers during panic (CVE-2021-22133)\n\nSpace precludes listing in detail the following additional CVEs fixes: (CVE-2021-27292), (CVE-2021-28092), (CVE-2021-29059), (CVE-2021-23382), (CVE-2021-26539), (CVE-2021-26540), (CVE-2021-23337), (CVE-2021-23362) and (CVE-2021-23368)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nYou may download the oc tool and use it to inspect release image metadata as follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.8.2-x86_64\n\nThe image digest is ssha256:0e82d17ababc79b10c10c5186920232810aeccbccf2a74c691487090a2c98ebc\n\n(For s390x architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.8.2-s390x\n\nThe image digest is sha256:a284c5c3fa21b06a6a65d82be1dc7e58f378aa280acd38742fb167a26b91ecb5\n\n(For ppc64le architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.8.2-ppc64le\n\nThe image digest is sha256:da989b8e28bccadbb535c2b9b7d3597146d14d254895cd35f544774f374cdd0f\n\nAll OpenShift Container Platform 4.8 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available\nat https://docs.openshift.com/container-platform/4.8/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:2438", "url": "https://access.redhat.com/errata/RHSA-2021:2438" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_2438.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 4.8.2 bug fix and security update", "tracking": { "current_release_date": "2021-07-27T22:30:00Z", "generator": { "date": "2023-07-01T05:02:00Z", "engine": { "name": "Red Hat SDEngine", "version": "3.18.0" } }, "id": "RHSA-2021:2438", "initial_release_date": "2021-07-27T22:30:00Z", "revision_history": [ { "date": "2021-07-27T22:30:00Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.8", "product": { "name": "Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.8::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "category": "product_version", "name": "openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "product": { "name": "openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "product_id": "openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream" } }, { "category": "product_version", "name": "openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "product": { "name": "openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "product_id": "openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream" } }, { "category": "product_version", "name": "openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "product": { "name": "openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "product_id": "openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "product": { "name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "product_id": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "product": { "name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "product_id": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "product": { "name": "openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "product_id": "openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "product": { "name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "product_id": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "product": { "name": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "product_id": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "product": { "name": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "product_id": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "product": { "name": "openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "product_id": "openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "product": { "name": "openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "product_id": "openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "product": { "name": "openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "product_id": "openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "product": { "name": "openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "product_id": "openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "product": { "name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "product_id": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "product": { "name": "openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "product_id": "openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "product": { "name": "openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "product_id": "openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "product": { "name": "openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "product_id": "openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "product": { "name": "openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "product_id": "openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "product": { "name": "openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "product_id": "openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "product": { "name": "openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "product_id": "openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "product": { "name": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "product_id": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "product": { "name": "openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "product_id": "openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "product": { "name": "openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "product_id": "openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "product": { "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "product_id": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "product": { "name": "openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "product_id": "openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "product": { "name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "product_id": "openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "product": { "name": "openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "product_id": "openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "product": { "name": "openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "product_id": "openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "product": { "name": "openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "product_id": "openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "product": { "name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "product_id": "openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "product": { "name": "openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "product_id": "openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "product": { "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "product_id": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "product": { "name": "openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "product_id": "openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "product": { "name": "openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "product_id": "openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "product": { "name": "openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "product_id": "openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "product": { "name": "openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "product_id": "openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "product": { "name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "product_id": "openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "product": { "name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "product_id": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "product": { "name": "openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "product_id": "openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "product": { "name": "openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "product_id": "openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "product": { "name": "openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "product_id": "openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "product": { "name": "openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "product_id": "openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "product": { "name": "openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "product_id": "openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "product": { "name": "openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "product_id": "openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "product": { "name": "openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "product_id": "openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "product": { "name": "openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "product_id": "openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "product": { "name": "openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "product_id": "openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "product": { "name": "openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "product_id": "openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "product": { "name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "product_id": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "product": { "name": "openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "product_id": "openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "product": { "name": "openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "product_id": "openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "product": { "name": "openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "product_id": "openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "product": { "name": "openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "product_id": "openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "product": { "name": "openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "product_id": "openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "product": { "name": "openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "product_id": "openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "product": { "name": "openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "product_id": "openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "product": { "name": "openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "product_id": "openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product": { "name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product_id": "openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product": { "name": "openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product_id": "openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "product": { "name": "openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "product_id": "openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "product": { "name": "openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "product_id": "openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "product": { "name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "product_id": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "product": { "name": "openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "product_id": "openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product": { "name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product_id": "openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product": { "name": "openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product_id": "openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product": { "name": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "product_id": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "product": { "name": "openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "product_id": "openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "product": { "name": "openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "product_id": "openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "product": { "name": "openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "product_id": "openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "product": { "name": "openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "product_id": "openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "product": { "name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "product_id": "openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "product": { "name": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "product_id": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "product": { "name": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "product_id": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "product": { "name": "openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "product_id": "openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "product": { "name": "openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "product_id": "openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "product": { "name": "openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "product_id": "openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "product": { "name": "openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "product_id": "openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "product": { "name": "openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "product_id": "openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "product": { "name": "openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "product_id": "openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "product": { "name": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "product_id": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "product": { "name": "openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "product_id": "openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "product": { "name": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "product_id": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "product": { "name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "product_id": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "product": { "name": "openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "product_id": "openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "product": { "name": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "product_id": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "product": { "name": "openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "product_id": "openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "product": { "name": "openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "product_id": "openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "product": { "name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "product_id": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "product": { "name": "openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "product_id": "openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "product": { "name": "openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "product_id": "openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "product": { "name": "openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "product_id": "openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "product": { "name": "openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "product_id": "openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "product": { "name": "openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "product_id": "openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "product": { "name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "product_id": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "product": { "name": "openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "product_id": "openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "product": { "name": "openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "product_id": "openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "product": { "name": "openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "product_id": "openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "product": { "name": "openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "product_id": "openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "product": { "name": "openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "product_id": "openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "product": { "name": "openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "product_id": "openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "product": { "name": "openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "product_id": "openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "product": { "name": "openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "product_id": "openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "product": { "name": "openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "product_id": "openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "product": { "name": "openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "product_id": "openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "product": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "product_id": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "product": { "name": "openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "product_id": "openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "product": { "name": "openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "product_id": "openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "product": { "name": "openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "product_id": "openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "product": { "name": "openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "product_id": "openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "product": { "name": "openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "product_id": "openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "product": { "name": "openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "product_id": "openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "product": { "name": "openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "product_id": "openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "product": { "name": "openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "product_id": "openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "product": { "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "product_id": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "product": { "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "product_id": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "product": { "name": "openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "product_id": "openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "product": { "name": "openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "product_id": "openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "product": { "name": "openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "product_id": "openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "product": { "name": "openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "product_id": "openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "product": { "name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "product_id": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "product": { "name": "openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "product_id": "openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "product": { "name": "openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "product_id": "openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "product": { "name": "openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "product_id": "openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "product": { "name": "openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "product_id": "openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "product": { "name": "openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "product_id": "openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "product": { "name": "openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "product_id": "openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "product": { "name": "openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "product_id": "openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "product": { "name": "openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "product_id": "openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "product": { "name": "openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "product_id": "openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "product": { "name": "openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "product_id": "openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "product": { "name": "openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "product_id": "openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "product": { "name": "openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "product_id": "openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "product": { "name": "openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "product_id": "openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "product": { "name": "openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "product_id": "openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "product": { "name": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "product_id": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "product": { "name": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "product_id": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "product": { "name": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "product_id": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "product": { "name": "openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "product_id": "openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "product": { "name": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "product_id": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "product": { "name": "openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "product_id": "openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "product": { "name": "openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "product_id": "openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream" } }, { "category": "product_version", "name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream", "product": { "name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream", "product_id": "openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" } } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream" }, "product_reference": "openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream" }, "product_reference": "openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream" }, "product_reference": "openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream" }, "product_reference": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream" }, "product_reference": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream" }, "product_reference": "openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream" }, "product_reference": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream" }, "product_reference": "openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream" }, "product_reference": "openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream" }, "product_reference": "openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream" }, "product_reference": "openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream" }, "product_reference": "openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream" }, "product_reference": "openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream" }, "product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream" }, "product_reference": "openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream" }, "product_reference": "openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream" }, "product_reference": "openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream" }, "product_reference": "openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream" }, "product_reference": "openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream" }, "product_reference": "openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream" }, "product_reference": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream" }, "product_reference": "openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream" }, "product_reference": "openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream" }, "product_reference": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream" }, "product_reference": "openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream" }, "product_reference": "openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream" }, "product_reference": "openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream" }, "product_reference": "openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream" }, "product_reference": "openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream" }, "product_reference": "openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream" }, "product_reference": "openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream" }, "product_reference": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream" }, "product_reference": "openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream" }, "product_reference": "openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream" }, "product_reference": "openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream" }, "product_reference": "openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream" }, "product_reference": "openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream" }, "product_reference": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream" }, "product_reference": "openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream" }, "product_reference": "openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream" }, "product_reference": "openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream" }, "product_reference": "openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream" }, "product_reference": "openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream" }, "product_reference": "openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream" }, "product_reference": "openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" }, "product_reference": "openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream" }, "product_reference": "openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream" }, "product_reference": "openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream" }, "product_reference": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream" }, "product_reference": "openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream" }, "product_reference": "openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" }, "product_reference": "openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream" }, "product_reference": "openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream" }, "product_reference": "openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream" }, "product_reference": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream" }, "product_reference": "openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" }, "product_reference": "openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" }, "product_reference": "openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream" }, "product_reference": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream" }, "product_reference": "openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream" }, "product_reference": "openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream" }, "product_reference": "openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" }, "product_reference": "openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream" }, "product_reference": "openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream" }, "product_reference": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream" }, "product_reference": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream" }, "product_reference": "openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream" }, "product_reference": "openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream" }, "product_reference": "openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream" }, "product_reference": "openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream" }, "product_reference": "openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream" }, "product_reference": "openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream" }, "product_reference": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream" }, "product_reference": "openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream" }, "product_reference": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream" }, "product_reference": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream" }, "product_reference": "openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream" }, "product_reference": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream" }, "product_reference": "openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream" }, "product_reference": "openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream" }, "product_reference": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream" }, "product_reference": "openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream" }, "product_reference": "openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream" }, "product_reference": "openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream" }, "product_reference": "openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream" }, "product_reference": "openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream" }, "product_reference": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream" }, "product_reference": "openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream" }, "product_reference": "openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream" }, "product_reference": "openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream" }, "product_reference": "openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream" }, "product_reference": "openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream" }, "product_reference": "openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream" }, "product_reference": "openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream" }, "product_reference": "openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream" }, "product_reference": "openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream" }, "product_reference": "openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream" }, "product_reference": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream" }, "product_reference": "openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream" }, "product_reference": "openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream" }, "product_reference": "openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream" }, "product_reference": "openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream" }, "product_reference": "openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream" }, "product_reference": "openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream" }, "product_reference": "openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream" }, "product_reference": "openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream" }, "product_reference": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream" }, "product_reference": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream" }, "product_reference": "openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream" }, "product_reference": "openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream" }, "product_reference": "openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream" }, "product_reference": "openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream" }, "product_reference": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream" }, "product_reference": "openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream" }, "product_reference": "openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream" }, "product_reference": "openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream" }, "product_reference": "openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream" }, "product_reference": "openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream" }, "product_reference": "openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream" }, "product_reference": "openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream" }, "product_reference": "openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream" }, "product_reference": "openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream" }, "product_reference": "openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream" }, "product_reference": "openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream" }, "product_reference": "openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" }, "product_reference": "openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream" }, "product_reference": "openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream" }, "product_reference": "openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream" }, "product_reference": "openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream" }, "product_reference": "openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream" }, "product_reference": "openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream" }, "product_reference": "openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream" }, "product_reference": "openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream" }, "product_reference": "openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream as a component of Red Hat OpenShift Container Platform 4.8", "product_id": "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" }, "product_reference": "openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream", "relates_to_product_reference": "8Base-RHOSE-4.8" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "OpenVPN" ] }, { "names": [ "Karthikeyan Bhargavan", "Ga\u00ebtan Leurent" ], "organization": "Inria", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2183", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2016-08-18T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2183" }, { "category": "external", "summary": "https://access.redhat.com/articles/2548661", "url": "https://access.redhat.com/articles/2548661" }, { "category": "external", "summary": "https://access.redhat.com/errata/RHSA-2016:1940", "url": "https://access.redhat.com/errata/RHSA-2016:1940" }, { "category": "external", "summary": "https://sweet32.info/", "url": "https://sweet32.info/" }, { "category": "external", "summary": "CVE-2016-2183", "url": "https://access.redhat.com/security/cve/CVE-2016-2183" }, { "category": "external", "summary": "bz#1369383: CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383" } ], "release_date": "2016-08-24T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "baseScore": 4.3, "collateralDamagePotential": "NOT_DEFINED", "confidentialityImpact": "PARTIAL", "confidentialityRequirement": "NOT_DEFINED", "environmentalScore": 0.0, "exploitability": "NOT_DEFINED", "integrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "targetDistribution": "NOT_DEFINED", "temporalScore": 0.0, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2016-08-18T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)" }, { "cve": "CVE-2020-7774", "cwe": { "id": "CWE-915", "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes" }, "discovery_date": "2020-11-17T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1898680" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in nodejs-y18n. There is a prototype pollution vulnerability in y18n\u0027s locale functionality. If an attacker is able to provide untrusted input via locale, they may be able to cause denial of service or in rare circumstances, impact to data integrity or confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-y18n: prototype pollution vulnerability", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7774", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7774" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7774", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7774" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-Y18N-1021887", "url": "https://snyk.io/vuln/SNYK-JS-Y18N-1021887" }, { "category": "external", "summary": "CVE-2020-7774", "url": "https://access.redhat.com/security/cve/CVE-2020-7774" }, { "category": "external", "summary": "bz#1898680: CVE-2020-7774 nodejs-y18n: prototype pollution vulnerability", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898680" } ], "release_date": "2020-10-25T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2020-11-17T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-7774 nodejs-y18n: prototype pollution vulnerability" }, { "cve": "CVE-2020-15106", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-06T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1868883" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found In etcd, where a large slice causes panic in the decodeRecord method. The size of a record is stored in the length field of a WAL file, and no additional validation is performed on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionally panic at the expense of any RAFT participant trying to decode the WAL. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "etcd: Large slice causes panic in decodeRecord method", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-15106", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15106" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15106", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15106" }, { "category": "external", "summary": "https://github.com/etcd-io/etcd/security/advisories/GHSA-p4g4-wgrh-qrg2", "url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-p4g4-wgrh-qrg2" }, { "category": "external", "summary": "CVE-2020-15106", "url": "https://access.redhat.com/security/cve/CVE-2020-15106" }, { "category": "external", "summary": "bz#1868883: CVE-2020-15106 etcd: Large slice causes panic in decodeRecord method", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868883" } ], "release_date": "2020-08-05T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2020-08-06T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-15106 etcd: Large slice causes panic in decodeRecord method" }, { "cve": "CVE-2020-15112", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-05T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1868872" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in etcd, where it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This can cause issues when WAL entries are being read during consensus, as an arbitrary etcd consensus participant can go down from a runtime panic when reading the entry. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "etcd: DoS in wal/wal.go", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-15112", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15112" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15112", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15112" }, { "category": "external", "summary": "https://github.com/etcd-io/etcd/security/advisories/GHSA-m332-53r6-2w93", "url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-m332-53r6-2w93" }, { "category": "external", "summary": "CVE-2020-15112", "url": "https://access.redhat.com/security/cve/CVE-2020-15112" }, { "category": "external", "summary": "bz#1868872: CVE-2020-15112 etcd: DoS in wal/wal.go", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868872" } ], "release_date": "2020-08-06T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2020-08-05T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-15112 etcd: DoS in wal/wal.go" }, { "cve": "CVE-2020-15113", "cwe": { "id": "CWE-285", "name": "Improper Authorization" }, "discovery_date": "2020-08-06T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1868870" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in etcd. Certain directory paths are created with restricted access permissions (700) by using the os.MkdirAll. This function does not perform any permission checks when a given directory path exists already.", "title": "Vulnerability description" }, { "category": "summary", "text": "etcd: directories created via os.MkdirAll are not checked for permissions", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-15113", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15113" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15113", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15113" }, { "category": "external", "summary": "https://github.com/etcd-io/etcd/security/advisories/GHSA-chh6-ppwq-jh92", "url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-chh6-ppwq-jh92" }, { "category": "external", "summary": "CVE-2020-15113", "url": "https://access.redhat.com/security/cve/CVE-2020-15113" }, { "category": "external", "summary": "bz#1868870: CVE-2020-15113 etcd: directories created via os.MkdirAll are not checked for permissions", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868870" } ], "release_date": "2020-08-05T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2020-08-06T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-15113 etcd: directories created via os.MkdirAll are not checked for permissions" }, { "cve": "CVE-2020-15114", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-06T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1868874" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in etcd, where the etcd gateway is a simple TCP proxy that allows basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This issue results in a denial of service since the endpoint can become stuck in a loop of requesting itself until there are no more available file descriptors to accept connections on the gateway. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "etcd: gateway can include itself as an endpoint resulting in resource exhaustion and leads to DoS", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-15114", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15114" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15114", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15114" }, { "category": "external", "summary": "https://github.com/etcd-io/etcd/security/advisories/GHSA-2xhq-gv6c-p224", "url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-2xhq-gv6c-p224" }, { "category": "external", "summary": "CVE-2020-15114", "url": "https://access.redhat.com/security/cve/CVE-2020-15114" }, { "category": "external", "summary": "bz#1868874: CVE-2020-15114 etcd: gateway can include itself as an endpoint resulting in resource exhaustion and leads to DoS", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868874" } ], "release_date": "2020-08-05T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2020-08-06T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-15114 etcd: gateway can include itself as an endpoint resulting in resource exhaustion and leads to DoS" }, { "cve": "CVE-2020-15136", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2020-08-06T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1868880" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in etcd. The gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints function. No authentication is performed against endpoints provided in the --endpoints flag.", "title": "Vulnerability description" }, { "category": "summary", "text": "etcd: no authentication is performed against endpoints provided in the --endpoints flag", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-15136", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15136" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15136", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15136" }, { "category": "external", "summary": "https://github.com/etcd-io/etcd/security/advisories/GHSA-wr2v-9rpq-c35q", "url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-wr2v-9rpq-c35q" }, { "category": "external", "summary": "CVE-2020-15136", "url": "https://access.redhat.com/security/cve/CVE-2020-15136" }, { "category": "external", "summary": "bz#1868880: CVE-2020-15136 etcd: no authentication is performed against endpoints provided in the --endpoints flag", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868880" } ], "release_date": "2020-08-05T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2020-08-06T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-15136 etcd: no authentication is performed against endpoints provided in the --endpoints flag" }, { "cve": "CVE-2020-26160", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2020-09-23T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1883371" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A vulnerability was found in jwt-go where it is vulnerable to Access Restriction Bypass if m[\"aud\"] happens to be []string{}, as allowed by the spec, the type assertion fails and the value of aud is \"\". This can cause audience verification to succeed even if the audiences being passed are incorrect if required is set to false.", "title": "Vulnerability description" }, { "category": "summary", "text": "jwt-go: access restriction bypass vulnerability", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-26160", "url": "https://www.cve.org/CVERecord?id=CVE-2020-26160" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-26160", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26160" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515", "url": "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515" }, { "category": "external", "summary": "CVE-2020-26160", "url": "https://access.redhat.com/security/cve/CVE-2020-26160" }, { "category": "external", "summary": "bz#1883371: CVE-2020-26160 jwt-go: access restriction bypass vulnerability", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883371" } ], "release_date": "2020-09-15T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2020-09-23T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-26160 jwt-go: access restriction bypass vulnerability" }, { "cve": "CVE-2020-28469", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-01T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent function. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-glob-parent: Regular expression denial of service", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28469", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28469" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905", "url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905" }, { "category": "external", "summary": "CVE-2020-28469", "url": "https://access.redhat.com/security/cve/CVE-2020-28469" }, { "category": "external", "summary": "bz#1945459: CVE-2020-28469 nodejs-glob-parent: Regular expression denial of service", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459" } ], "release_date": "2021-01-12T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-04-01T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-28469 nodejs-glob-parent: Regular expression denial of service" }, { "cve": "CVE-2020-28500", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-02-15T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1928954" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in nodejs-lodash. A Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions is possible.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28500", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28500" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28500", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28500" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-LODASH-1018905", "url": "https://snyk.io/vuln/SNYK-JS-LODASH-1018905" }, { "category": "external", "summary": "CVE-2020-28500", "url": "https://access.redhat.com/security/cve/CVE-2020-28500" }, { "category": "external", "summary": "bz#1928954: CVE-2020-28500 nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928954" } ], "release_date": "2021-02-15T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-02-15T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-28500 nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions" }, { "cve": "CVE-2020-28852", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "discovery_date": "2021-01-02T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in golang.org. In x/text, a \"slice bounds out of range\" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28852", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28852" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28852", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28852" }, { "category": "external", "summary": "CVE-2020-28852", "url": "https://access.redhat.com/security/cve/CVE-2020-28852" }, { "category": "external", "summary": "bz#1913338: CVE-2020-28852 golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338" } ], "release_date": "2021-01-02T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-01-02T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-28852 golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag" }, { "cve": "CVE-2021-3114", "cwe": { "id": "CWE-682", "name": "Incorrect Calculation" }, "discovery_date": "2021-01-21T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1918750" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw detected in golang: crypto/elliptic, in which P-224 keys as generated can return incorrect inputs, reducing the strength of the cryptography. The highest threat from this vulnerability is confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: crypto/elliptic: incorrect operations on the P-224 curve", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3114", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3114" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3114", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3114" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/mperVMGa98w", "url": "https://groups.google.com/g/golang-announce/c/mperVMGa98w" }, { "category": "external", "summary": "CVE-2021-3114", "url": "https://access.redhat.com/security/cve/CVE-2021-3114" }, { "category": "external", "summary": "bz#1918750: CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918750" } ], "release_date": "2021-01-20T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-01-21T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve" }, { "cve": "CVE-2021-3121", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "discovery_date": "2021-01-28T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in github.com/gogo/protobuf before 1.3.2 that allows an out-of-bounds access when unmarshalling certain protobuf objects. This flaw allows a remote attacker to send crafted protobuf messages, causing panic and resulting in a denial of service. The highest threat from this vulnerability is to availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3121", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3121" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121" }, { "category": "external", "summary": "CVE-2021-3121", "url": "https://access.redhat.com/security/cve/CVE-2021-3121" }, { "category": "external", "summary": "bz#1921650: CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650" } ], "release_date": "2021-01-11T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-01-28T00:00:00Z", "details": "Important" } ], "title": "CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation" }, { "acknowledgments": [ { "names": [ "Casey Callendrello" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2021-20206", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2021-01-22T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1919391" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "An improper limitation of path name flaw was found in containernetworking/cni. When specifying the plugin to load in the `type` field in the network configuration, it is possible to use special elements such as \"../\" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as `reboot`. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "containernetworking-cni: Arbitrary path injection via type field in CNI configuration", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-20206", "url": "https://www.cve.org/CVERecord?id=CVE-2021-20206" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20206", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20206" }, { "category": "external", "summary": "CVE-2021-20206", "url": "https://access.redhat.com/security/cve/CVE-2021-20206" }, { "category": "external", "summary": "bz#1919391: CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919391" } ], "release_date": "2021-02-05T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-01-22T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration" }, { "acknowledgments": [ { "names": [ "Aviv Sasson" ], "organization": "Palo Alto Networks" } ], "cve": "CVE-2021-20291", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "discovery_date": "2021-03-12T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1939485" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A deadlock vulnerability was found in `github.com/containers/storage`. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).", "title": "Vulnerability description" }, { "category": "summary", "text": "containers/storage: DoS via malicious image", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-20291", "url": "https://www.cve.org/CVERecord?id=CVE-2021-20291" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20291", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20291" }, { "category": "external", "summary": "https://unit42.paloaltonetworks.com/cve-2021-20291/", "url": "https://unit42.paloaltonetworks.com/cve-2021-20291/" }, { "category": "external", "summary": "CVE-2021-20291", "url": "https://access.redhat.com/security/cve/CVE-2021-20291" }, { "category": "external", "summary": "bz#1939485: CVE-2021-20291 containers/storage: DoS via malicious image", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939485" } ], "release_date": "2021-04-01T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-03-12T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-20291 containers/storage: DoS via malicious image" }, { "cve": "CVE-2021-22133", "cwe": { "id": "CWE-532", "name": "Insertion of Sensitive Information into Log File" }, "discovery_date": "2021-03-24T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1942553" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in the Elastic APM agent for Go in several versions, where it can leak sensitive HTTP header information when logging the details during an application panic. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application panic, it is possible the headers will not be sanitized before being sent. The highest threat from this vulnerability is to confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "go.elastic.co/apm: leaks sensitive HTTP headers during panic", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-22133", "url": "https://www.cve.org/CVERecord?id=CVE-2021-22133" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22133", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22133" }, { "category": "external", "summary": "https://discuss.elastic.co/t/elastic-apm-agent-for-go-1-11-0-security-update/263252", "url": "https://discuss.elastic.co/t/elastic-apm-agent-for-go-1-11-0-security-update/263252" }, { "category": "external", "summary": "CVE-2021-22133", "url": "https://access.redhat.com/security/cve/CVE-2021-22133" }, { "category": "external", "summary": "bz#1942553: CVE-2021-22133 go.elastic.co/apm: leaks sensitive HTTP headers during panic", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942553" } ], "release_date": "2021-02-04T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 2.4, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-03-24T00:00:00Z", "details": "Low" } ], "title": "CVE-2021-22133 go.elastic.co/apm: leaks sensitive HTTP headers during panic" }, { "cve": "CVE-2021-23337", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "discovery_date": "2021-02-15T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1928937" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in nodejs-lodash. A command injection flaw is possible through template variables.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-lodash: command injection via template", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23337", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23337" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23337", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23337" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-LODASH-1040724", "url": "https://snyk.io/vuln/SNYK-JS-LODASH-1040724" }, { "category": "external", "summary": "CVE-2021-23337", "url": "https://access.redhat.com/security/cve/CVE-2021-23337" }, { "category": "external", "summary": "bz#1928937: CVE-2021-23337 nodejs-lodash: command injection via template", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928937" } ], "release_date": "2021-02-15T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-02-15T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-23337 nodejs-lodash: command injection via template" }, { "cve": "CVE-2021-23362", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-25T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1943208" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A regular expression denial of service vulnerability was found in hosted-git-info. If an application allows user input into the affected regular expression (regexp) function, `shortcutMatch` or `fromUrl`, then an attacker could craft a regexp which takes an ever increasing amount of time to process, potentially resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23362", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23362" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23362", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23362" }, { "category": "external", "summary": "CVE-2021-23362", "url": "https://access.redhat.com/security/cve/CVE-2021-23362" }, { "category": "external", "summary": "bz#1943208: CVE-2021-23362 nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943208" } ], "release_date": "2021-03-23T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-03-25T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-23362 nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()" }, { "cve": "CVE-2021-23368", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-12T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1948763" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A regular expression denial of service (ReDoS) vulnerability was found in the npm library `postcss`. When parsing a supplied CSS string, if it contains an unexpected value then as the supplied CSS grows in length it will take an ever increasing amount of time to process. An attacker can use this vulnerability to potentially craft a malicious a long CSS value to process resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-postcss: Regular expression denial of service during source map parsing", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23368", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23368" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23368", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23368" }, { "category": "external", "summary": "CVE-2021-23368", "url": "https://access.redhat.com/security/cve/CVE-2021-23368" }, { "category": "external", "summary": "bz#1948763: CVE-2021-23368 nodejs-postcss: Regular expression denial of service during source map parsing", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948763" } ], "release_date": "2021-04-12T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-04-12T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-23368 nodejs-postcss: Regular expression denial of service during source map parsing" }, { "cve": "CVE-2021-23382", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-26T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1954150" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A regular expression denial of service (ReDoS) vulnerability was found in the npm library `postcss` when using getAnnotationURL() or loadAnnotation() options in lib/previous-map.js. An attacker can use this vulnerability to potentially craft a malicious CSS to process resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23382", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23382" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23382", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23382" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640", "url": "https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640" }, { "category": "external", "summary": "CVE-2021-23382", "url": "https://access.redhat.com/security/cve/CVE-2021-23382" }, { "category": "external", "summary": "bz#1954150: CVE-2021-23382 nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954150" } ], "release_date": "2021-04-26T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-04-26T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-23382 nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js" }, { "cve": "CVE-2021-26539", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-02-08T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1932362" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "Apostrophe Technologies sanitize-html before 2.3.1 does not properly handle internationalized domain name (IDN) which could allow an attacker to bypass hostname whitelist validation set by the \"allowedIframeHostnames\" option.", "title": "Vulnerability description" }, { "category": "summary", "text": "sanitize-html: improper handling of internationalized domain name (IDN) can lead to bypass hostname whitelist validation", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-26539", "url": "https://www.cve.org/CVERecord?id=CVE-2021-26539" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26539", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26539" }, { "category": "external", "summary": "CVE-2021-26539", "url": "https://access.redhat.com/security/cve/CVE-2021-26539" }, { "category": "external", "summary": "bz#1932362: CVE-2021-26539 sanitize-html: improper handling of internationalized domain name (IDN) can lead to bypass hostname whitelist validation", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932362" } ], "release_date": "2021-01-22T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-02-08T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-26539 sanitize-html: improper handling of internationalized domain name (IDN) can lead to bypass hostname whitelist validation" }, { "cve": "CVE-2021-26540", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-02-08T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1932323" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the \"allowedIframeHostnames\" option when the \"allowIframeRelativeUrls\" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with \"/\\\\example.com\".", "title": "Vulnerability description" }, { "category": "summary", "text": "sanitize-html: improper validation of hostnames set by the \"allowedIframeHostnames\" option can lead to bypass hostname whitelist for iframe element", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-26540", "url": "https://www.cve.org/CVERecord?id=CVE-2021-26540" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26540", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26540" }, { "category": "external", "summary": "CVE-2021-26540", "url": "https://access.redhat.com/security/cve/CVE-2021-26540" }, { "category": "external", "summary": "bz#1932323: CVE-2021-26540 sanitize-html: improper validation of hostnames set by the \"allowedIframeHostnames\" option can lead to bypass hostname whitelist for iframe element", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932323" } ], "release_date": "2021-01-26T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-02-08T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-26540 sanitize-html: improper validation of hostnames set by the \"allowedIframeHostnames\" option can lead to bypass hostname whitelist for iframe element" }, { "cve": "CVE-2021-27292", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-17T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A regular expression denial of service (ReDoS) vulnerability was found in the npm library `ua-parser-js`. If a supplied user agent matches the `Noble` string and contains many spaces then the regex will conduct backtracking, taking an ever increasing amount of time depending on the number of spaces supplied. An attacker can use this vulnerability to potentially craft a malicious user agent resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-27292", "url": "https://www.cve.org/CVERecord?id=CVE-2021-27292" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292" }, { "category": "external", "summary": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76", "url": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76" }, { "category": "external", "summary": "CVE-2021-27292", "url": "https://access.redhat.com/security/cve/CVE-2021-27292" }, { "category": "external", "summary": "bz#1940613: CVE-2021-27292 nodejs-ua-parser-js: ReDoS via malicious User-Agent header", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613" } ], "release_date": "2021-02-11T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-03-17T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-27292 nodejs-ua-parser-js: ReDoS via malicious User-Agent header" }, { "cve": "CVE-2021-28092", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-12T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1939103" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in is-svg package. A malicious string provided by an attacker may lead to Regular Expression Denial of Service (ReDoS).\r\nThe highest threat from this vulnerability is to availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-is-svg: ReDoS via malicious string", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-28092", "url": "https://www.cve.org/CVERecord?id=CVE-2021-28092" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-28092", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28092" }, { "category": "external", "summary": "CVE-2021-28092", "url": "https://access.redhat.com/security/cve/CVE-2021-28092" }, { "category": "external", "summary": "bz#1939103: CVE-2021-28092 nodejs-is-svg: ReDoS via malicious string", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939103" } ], "release_date": "2021-03-11T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-03-12T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-28092 nodejs-is-svg: ReDoS via malicious string" }, { "cve": "CVE-2021-29059", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-06-22T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1974839" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in IS-SVG where a Regular Expression Denial of Service (ReDOS) occurs if the application is provided and checks a crafted invalid SVG string. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-is-svg: Regular expression denial of service if the application is provided and checks a crafted invalid SVG string", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-29059", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29059" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29059", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29059" }, { "category": "external", "summary": "CVE-2021-29059", "url": "https://access.redhat.com/security/cve/CVE-2021-29059" }, { "category": "external", "summary": "bz#1974839: CVE-2021-29059 nodejs-is-svg: Regular expression denial of service if the application is provided and checks a crafted invalid SVG string", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974839" } ], "release_date": "2021-06-21T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-06-22T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-29059 nodejs-is-svg: Regular expression denial of service if the application is provided and checks a crafted invalid SVG string" }, { "cve": "CVE-2021-29622", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2021-05-19T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1962718" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "An open redirect vulnerability was found in Prometheus. By specially crafted URL and a /new endpoint, an attacker can redirect user to any other URL.", "title": "Vulnerability description" }, { "category": "summary", "text": "prometheus: open redirect under the /new endpoint", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-29622", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29622" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29622", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29622" }, { "category": "external", "summary": "CVE-2021-29622", "url": "https://access.redhat.com/security/cve/CVE-2021-29622" }, { "category": "external", "summary": "bz#1962718: CVE-2021-29622 prometheus: open redirect under the /new endpoint", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962718" } ], "release_date": "2021-05-18T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-05-19T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-29622 prometheus: open redirect under the /new endpoint" }, { "cve": "CVE-2021-33194", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2021-05-20T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1963232" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in golang. An attacker can craft an input to ParseFragment within parse.go that would cause it to enter an infinite loop and never return. The greatest threat to the system is of availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: x/net/html: infinite loop in ParseFragment", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream" ], "known_not_affected": [ "8Base-RHOSE-4.8:openshift4/driver-toolkit-rhel8:v4.8.0-202107210116.p0.git.37de0e6.assembly.stream", "8Base-RHOSE-4.8:openshift4/egress-router-cni-rhel8:v4.8.0-202106291913.p0.git.016bea1.assembly.stream", "8Base-RHOSE-4.8:openshift4/network-tools-rhel8:v4.8.0-202106291913.p0.git.5ac3739.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d1fe616.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.8.0-202106291913.p0.git.8c036e4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-machine-controllers:v4.8.0-202107131617.p0.git.4c66f3d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.8.0-202107081650.p0.git.2b8eee2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.d3a3c29.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-disk-csi-driver-rhel8:v4.8.0-202106291913.p0.git.2d461b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-azure-machine-controllers:v4.8.0-202106291913.p0.git.8301076.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-machine-controllers:v4.8.0-202106291913.p0.git.a60d493.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-rhel8-operator:v4.8.0-202106291913.p0.git.015024f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-baremetal-runtimecfg-rhel8:v4.8.0-202106291913.p0.git.c8b1456.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli-artifacts:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cli:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cloud-credential-operator:v4.8.0-202106291913.p0.git.b8932e9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-authentication-operator:v4.8.0-202106302318.p0.git.0ec8dd7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler-operator:v4.8.0-202106291913.p0.git.fdae5ba.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-autoscaler:v4.8.0-202107152024.p0.git.7bbde4c.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-baremetal-operator-rhel8:v4.8.0-202106291913.p0.git.04a2ae2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-bootstrap:v4.8.0-202106291913.p0.git.1af395b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-config-operator:v4.8.0-202106291913.p0.git.c102241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.8.0-202106291913.p0.git.07b3f81.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-dns-operator:v4.8.0-202107010313.p0.git.fdb2ebe.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-etcd-rhel8-operator:v4.8.0-202106291913.p0.git.300bdf3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-image-registry-operator:v4.8.0-202106291913.p0.git.f09049a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-ingress-operator:v4.8.0-202106291913.p0.git.e9e6295.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-apiserver-operator:v4.8.0-202106291913.p0.git.d928754.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-controller-manager-operator:v4.8.0-202107141920.p0.git.9dc35db.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-scheduler-operator:v4.8.0-202106291913.p0.git.170a5a6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.8.0-202106291913.p0.git.c4f4f8b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-machine-approver:v4.8.0-202106291913.p0.git.724abd2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-monitoring-operator:v4.8.0-202107151437.p0.git.5cfe241.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-network-operator:v4.8.0-202106291913.p0.git.a5ebd1e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-apiserver-operator:v4.8.0-202106291913.p0.git.683d004.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-openshift-controller-manager-operator:v4.8.0-202106291913.p0.git.286c157.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-policy-controller-rhel8:v4.8.0-202106291913.p0.git.ec46ea5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-samples-operator:v4.8.0-202107152024.p0.git.31fb491.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-storage-operator:v4.8.0-202106291913.p0.git.0775fb6.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-update-keys:v4.8.0-202106152230.p0.git.87835b7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-cluster-version-operator:v4.8.0-202106291913.p0.git.ea6e779.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-configmap-reloader:v4.8.0-202106291913.p0.git.abc5c26.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console-operator:v4.8.0-202106291913.p0.git.b5cf3e0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-console:v4.8.0-202107010336.p0.git.188a490.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-container-networking-plugins-rhel8:v4.8.0-202106291913.p0.git.a8801b0.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-coredns:v4.8.0-202106291913.p0.git.642b46e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8-operator:v4.8.0-202106291913.p0.git.7e86252.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-manila-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-driver-nfs-rhel8:v4.8.0-202106291913.p0.git.9404d34.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher-rhel8:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-attacher:v4.8.0-202106291913.p0.git.596da63.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner-rhel8:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-provisioner:v4.8.0-202106291913.p0.git.3ea7e68.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer-rhel8:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-resizer:v4.8.0-202106291913.p0.git.b5dd2b3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-external-snapshotter:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe-rhel8:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-livenessprobe:v4.8.0-202106291913.p0.git.a29b115.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar-rhel8:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-node-driver-registrar:v4.8.0-202106291913.p0.git.0519730.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-controller:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.8.0-202106291913.p0.git.1e2cca9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-deployer:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-builder:v4.8.0-202107152024.p0.git.70b7b95.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-docker-registry:v4.8.0-202106291913.p0.git.a87e6c5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.34db56e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.35ebe86.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.8.0-202106291913.p0.git.0b61889.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-grafana:v4.8.0-202106291913.p0.git.b987e4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-haproxy-router:v4.8.0-202106291913.p0.git.207d546.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-hyperkube:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-insights-rhel8-operator:v4.8.0-202106291913.p0.git.2040a71.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer-artifacts:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-installer:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.8.0-202107191801.p0.git.61c4cc7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-inspector-rhel8:v4.8.0-202107191302.p0.git.9aafd07.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-ipa-downloader-rhel8:v4.8.0-202107152024.p0.git.ba87832.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.8.0-202107152024.p0.git.71967e7.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-rhel8:v4.8.0-202107191302.p0.git.227b76b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ironic-static-ip-manager-rhel8:v4.8.0-202107152024.p0.git.d2e40e3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-base:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-maven:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-jenkins:v4.8.0-202106291913.p0.git.6c68667.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-k8s-prometheus-adapter:v4.8.0-202106291913.p0.git.2856bc2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-keepalived-ipfailover:v4.8.0-202106152230.p0.git.ad38e11.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-proxy:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-state-metrics:v4.8.0-202106291913.p0.git.9471662.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kube-storage-version-migrator-rhel8:v4.8.0-202106291913.p0.git.901a6d2.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-cni-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-kuryr-controller-rhel8:v4.8.0-202107191610.p0.git.8a4c2d8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-libvirt-machine-controllers:v4.8.0-202106291913.p0.git.1a48d4b.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-api-operator:v4.8.0-202107091016.p0.git.1155220.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-machine-config-operator:v4.8.0-202107011817.p0.git.29813c8.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-mdns-publisher-rhel8:v4.8.0-202106291913.p0.git.2c42cc4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-admission-controller:v4.8.0-202106291913.p0.git.a7312f5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-cni:v4.8.0-202106291913.p0.git.0c97234.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-networkpolicy-rhel8:v4.8.0-202106291913.p0.git.187ad91.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-route-override-cni-rhel8:v4.8.0-202107152024.p0.git.1662c3e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.8.0-202107152024.p0.git.9a05258.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-must-gather:v4.8.0-202106291913.p0.git.cc7e2a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-network-metrics-daemon-rhel8:v4.8.0-202106291913.p0.git.f02c63a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-apiserver-rhel8:v4.8.0-202106291913.p0.git.09435a5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-proxy:v4.8.0-202107152024.p0.git.3fc0d89.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-oauth-server-rhel8:v4.8.0-202106291913.p0.git.374e2ee.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-apiserver-rhel8:v4.8.0-202106291913.p0.git.3949869.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-controller-manager-rhel8:v4.8.0-202106291913.p0.git.2e25328.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openshift-state-metrics-rhel8:v4.8.0-202106291913.p0.git.1014291.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.1184ace.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.8.0-202106291913.p0.git.3579ead.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-openstack-machine-controllers:v4.8.0-202106291913.p0.git.3024c78.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-lifecycle-manager:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-marketplace:v4.8.0-202106291913.p0.git.e39ff59.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-operator-registry:v4.8.0-202107160028.p0.git.2b803dd.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovirt-machine-controllers-rhel8:v4.8.0-202106291913.p0.git.86c1675.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-ovn-kubernetes:v4.8.0-202106291913.p0.git.dbc67b5.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-pod:v4.8.0-202107161820.p0.git.051ac4f.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prom-label-proxy:v4.8.0-202106291913.p0.git.2faeb40.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-alertmanager:v4.8.0-202106291913.p0.git.7b5ac87.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-config-reloader:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-node-exporter:v4.8.0-202106291913.p0.git.c926449.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus-operator:v4.8.0-202106291913.p0.git.9d679a1.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-prometheus:v4.8.0-202106291913.p0.git.f3beb88.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-sdn-rhel8:v4.8.0-202106291913.p0.git.00d84a9.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-service-ca-operator:v4.8.0-202107131132.p0.git.bcc6df4.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-telemeter:v4.8.0-202106291913.p0.git.d6ceb8a.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tests:v4.8.0-202107131424.p0.git.0d958c3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-thanos-rhel8:v4.8.0-202106291913.p0.git.c358e96.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-tools-rhel8:v4.8.0-202106291725.p0.git.1077b05.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vmware-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-operator-rhel8:v4.8.0-202106291913.p0.git.edbdd69.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-csi-driver-syncer-rhel8:v4.8.0-202106291913.p0.git.dd5345e.assembly.stream", "8Base-RHOSE-4.8:openshift4/ose-vsphere-problem-detector-rhel8:v4.8.0-202106291913.p0.git.bf6f4fa.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel7:v4.8.0-202106291913.p0.git.b1d4ec3.assembly.stream", "8Base-RHOSE-4.8:openshift4/ovirt-csi-driver-rhel8-operator:v4.8.0-202106291913.p0.git.7b6cd3d.assembly.stream" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33194", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33194" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194" }, { "category": "external", "summary": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ", "url": "https://groups.google.com/g/golang-dev/c/28x0nthP-c8/m/KqWVTjsnBAAJ" }, { "category": "external", "summary": "CVE-2021-33194", "url": "https://access.redhat.com/security/cve/CVE-2021-33194" }, { "category": "external", "summary": "bz#1963232: CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1963232" } ], "release_date": "2021-05-20T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html", "product_ids": [ "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream" ], "url": "https://access.redhat.com/errata/RHSA-2021:2438" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.8:openshift4/ose-cluster-node-tuning-operator:v4.8.0-202107091725.p0.git.6be3f67.assembly.stream" ] } ], "threats": [ { "category": "impact", "date": "2021-05-20T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment" } ] }
ghsa-83g2-8m93-v3w7
Vulnerability from github
Published
2022-05-24 19:03
Modified
2024-05-20 20:30
Severity
Summary
golang.org/x/net/html Infinite Loop vulnerability
Details
Go through 1.15.12 and 1.16.x through 1.16.4 has a golang.org/x/net/html infinite loop via crafted ParseFragment input.
{ "affected": [ { "package": { "ecosystem": "Go", "name": "golang.org/x/net" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0.0.0-20210520170846-37e1c6afe023" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2021-33194" ], "database_specific": { "cwe_ids": [ "CWE-835" ], "github_reviewed": true, "github_reviewed_at": "2023-02-08T00:33:11Z", "nvd_published_at": "2021-05-26T15:15:00Z", "severity": "HIGH" }, "details": "Go through 1.15.12 and 1.16.x through 1.16.4 has a golang.org/x/net/html infinite loop via crafted ParseFragment input.", "id": "GHSA-83g2-8m93-v3w7", "modified": "2024-05-20T20:30:54Z", "published": "2022-05-24T19:03:21Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33194" }, { "type": "WEB", "url": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7" }, { "type": "WEB", "url": "https://go.dev/cl/311090" }, { "type": "WEB", "url": "https://go.dev/issue/46288" }, { "type": "WEB", "url": "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7" }, { "type": "WEB", "url": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM" }, { "type": "WEB", "url": "https://pkg.go.dev/vuln/GO-2021-0238" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ], "summary": "golang.org/x/net/html Infinite Loop vulnerability" }
wid-sec-w-2024-0794
Vulnerability from csaf_certbund
Published
2024-04-04 22:00
Modified
2024-04-04 22:00
Summary
Dell ECS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Dell ECS ist ein Objektspeichersystem.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Dell ECS ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme
- Linux
- UNIX
- Windows
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Dell ECS ist ein Objektspeichersystem.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in Dell ECS ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Linux\n- UNIX\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-0794 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0794.json" }, { "category": "self", "summary": "WID-SEC-2024-0794 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0794" }, { "category": "external", "summary": "Dell Security Advisory DSA-2024-141 vom 2024-04-04", "url": "https://www.dell.com/support/kbdoc/000223839/dsa-2024-=" } ], "source_lang": "en-US", "title": "Dell ECS: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-04-04T22:00:00.000+00:00", "generator": { "date": "2024-04-05T09:37:24.604+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-0794", "initial_release_date": "2024-04-04T22:00:00.000+00:00", "revision_history": [ { "date": "2024-04-04T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c 3.8.1.0", "product": { "name": "Dell ECS \u003c 3.8.1.0", "product_id": "T033919", "product_identification_helper": { "cpe": "cpe:/h:dell:ecs:3.8.1.0" } } } ], "category": "product_name", "name": "ECS" } ], "category": "vendor", "name": "Dell" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-18074", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2018-18074" }, { "cve": "CVE-2020-10663", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-10663" }, { "cve": "CVE-2020-10672", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-10672" }, { "cve": "CVE-2020-10673", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-10673" }, { "cve": "CVE-2020-10735", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-10735" }, { "cve": "CVE-2020-10968", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-10968" }, { "cve": "CVE-2020-10969", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-10969" }, { "cve": "CVE-2020-11111", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-11111" }, { "cve": "CVE-2020-11112", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-11112" }, { "cve": "CVE-2020-11113", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-11113" }, { "cve": "CVE-2020-11612", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-11612" }, { "cve": "CVE-2020-11619", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-11619" }, { "cve": "CVE-2020-11620", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-11620" }, { "cve": "CVE-2020-11979", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-11979" }, { "cve": "CVE-2020-12762", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-12762" }, { "cve": "CVE-2020-12825", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-12825" }, { "cve": "CVE-2020-13956", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-13956" }, { "cve": "CVE-2020-14060", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-14060" }, { "cve": "CVE-2020-14061", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-14061" }, { "cve": "CVE-2020-14062", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-14062" }, { "cve": "CVE-2020-14195", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-14195" }, { "cve": "CVE-2020-15250", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-15250" }, { "cve": "CVE-2020-1945", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-1945" }, { "cve": "CVE-2020-1967", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-1967" }, { "cve": "CVE-2020-1971", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-1971" }, { "cve": "CVE-2020-24616", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-24616" }, { "cve": "CVE-2020-24750", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-24750" }, { "cve": "CVE-2020-25649", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-25649" }, { "cve": "CVE-2020-25658", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-25658" }, { "cve": "CVE-2020-26116", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-26116" }, { "cve": "CVE-2020-26137", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-26137" }, { "cve": "CVE-2020-26541", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-26541" }, { "cve": "CVE-2020-27216", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-27216" }, { "cve": "CVE-2020-27218", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-27218" }, { "cve": "CVE-2020-27223", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-27223" }, { "cve": "CVE-2020-28366", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-28366" }, { "cve": "CVE-2020-28493", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-28493" }, { "cve": "CVE-2020-29509", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-29509" }, { "cve": "CVE-2020-29511", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-29511" }, { "cve": "CVE-2020-29582", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-29582" }, { "cve": "CVE-2020-29651", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-29651" }, { "cve": "CVE-2020-35490", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-35490" }, { "cve": "CVE-2020-35491", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-35491" }, { "cve": "CVE-2020-35728", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-35728" }, { "cve": "CVE-2020-36179", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-36179" }, { "cve": "CVE-2020-36180", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-36180" }, { "cve": "CVE-2020-36181", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-36181" }, { "cve": "CVE-2020-36182", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-36182" }, { "cve": "CVE-2020-36183", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-36183" }, { "cve": "CVE-2020-36184", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-36184" }, { "cve": "CVE-2020-36185", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-36185" }, { "cve": "CVE-2020-36186", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-36186" }, { "cve": "CVE-2020-36187", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-36187" }, { "cve": "CVE-2020-36188", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-36188" }, { "cve": "CVE-2020-36189", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-36189" }, { "cve": "CVE-2020-36516", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-36516" }, { "cve": "CVE-2020-36518", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-36518" }, { "cve": "CVE-2020-36557", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-36557" }, { "cve": "CVE-2020-36558", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-36558" }, { "cve": "CVE-2020-36691", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-36691" }, { "cve": "CVE-2020-7238", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-7238" }, { "cve": "CVE-2020-8840", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-8840" }, { "cve": "CVE-2020-8908", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-8908" }, { "cve": "CVE-2020-8911", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-8911" }, { "cve": "CVE-2020-8912", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-8912" }, { "cve": "CVE-2020-9488", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-9488" }, { "cve": "CVE-2020-9493", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-9493" }, { "cve": "CVE-2020-9546", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-9546" }, { "cve": "CVE-2020-9547", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-9547" }, { "cve": "CVE-2020-9548", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2020-9548" }, { "cve": "CVE-2021-20190", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-20190" }, { "cve": "CVE-2021-20323", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-20323" }, { "cve": "CVE-2021-21290", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-21290" }, { "cve": "CVE-2021-21295", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-21295" }, { "cve": "CVE-2021-21409", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-21409" }, { "cve": "CVE-2021-23840", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-23840" }, { "cve": "CVE-2021-23841", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-23841" }, { "cve": "CVE-2021-2471", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-2471" }, { "cve": "CVE-2021-25642", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-25642" }, { "cve": "CVE-2021-26341", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-26341" }, { "cve": "CVE-2021-27918", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-27918" }, { "cve": "CVE-2021-28153", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-28153" }, { "cve": "CVE-2021-28165", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-28165" }, { "cve": "CVE-2021-28169", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-28169" }, { "cve": "CVE-2021-28861", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-28861" }, { "cve": "CVE-2021-29425", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-29425" }, { "cve": "CVE-2021-30560", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-30560" }, { "cve": "CVE-2021-3114", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3114" }, { "cve": "CVE-2021-33036", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-33036" }, { "cve": "CVE-2021-33194", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-33194" }, { "cve": "CVE-2021-33195", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-33195" }, { "cve": "CVE-2021-33196", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-33196" }, { "cve": "CVE-2021-33197", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-33197" }, { "cve": "CVE-2021-33503", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-33503" }, { "cve": "CVE-2021-33655", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-33655" }, { "cve": "CVE-2021-33656", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-33656" }, { "cve": "CVE-2021-3424", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3424" }, { "cve": "CVE-2021-34428", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-34428" }, { "cve": "CVE-2021-3449", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3449" }, { "cve": "CVE-2021-3450", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3450" }, { "cve": "CVE-2021-3530", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3530" }, { "cve": "CVE-2021-36221", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-36221" }, { "cve": "CVE-2021-36373", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-36373" }, { "cve": "CVE-2021-36374", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-36374" }, { "cve": "CVE-2021-3648", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3648" }, { "cve": "CVE-2021-36690", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-36690" }, { "cve": "CVE-2021-3711", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3711" }, { "cve": "CVE-2021-3712", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3712" }, { "cve": "CVE-2021-37136", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-37136" }, { "cve": "CVE-2021-37137", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-37137" }, { "cve": "CVE-2021-37404", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-37404" }, { "cve": "CVE-2021-37533", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-37533" }, { "cve": "CVE-2021-3754", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3754" }, { "cve": "CVE-2021-3778", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3778" }, { "cve": "CVE-2021-3796", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3796" }, { "cve": "CVE-2021-3826", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3826" }, { "cve": "CVE-2021-3827", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3827" }, { "cve": "CVE-2021-38297", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-38297" }, { "cve": "CVE-2021-3872", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3872" }, { "cve": "CVE-2021-3875", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3875" }, { "cve": "CVE-2021-3903", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3903" }, { "cve": "CVE-2021-3923", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3923" }, { "cve": "CVE-2021-3927", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3927" }, { "cve": "CVE-2021-3928", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3928" }, { "cve": "CVE-2021-3968", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3968" }, { "cve": "CVE-2021-3973", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3973" }, { "cve": "CVE-2021-3974", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3974" }, { "cve": "CVE-2021-3984", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-3984" }, { "cve": "CVE-2021-4019", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-4019" }, { "cve": "CVE-2021-4037", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-4037" }, { "cve": "CVE-2021-4069", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-4069" }, { "cve": "CVE-2021-4104", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-4104" }, { "cve": "CVE-2021-4136", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-4136" }, { "cve": "CVE-2021-4157", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-4157" }, { "cve": "CVE-2021-4166", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-4166" }, { "cve": "CVE-2021-41771", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-41771" }, { "cve": "CVE-2021-4192", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-4192" }, { "cve": "CVE-2021-4193", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-4193" }, { "cve": "CVE-2021-4203", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-4203" }, { "cve": "CVE-2021-42567", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-42567" }, { "cve": "CVE-2021-43797", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-43797" }, { "cve": "CVE-2021-44531", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-44531" }, { "cve": "CVE-2021-44532", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-44532" }, { "cve": "CVE-2021-44533", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-44533" }, { "cve": "CVE-2021-44716", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-44716" }, { "cve": "CVE-2021-44878", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-44878" }, { "cve": "CVE-2021-45078", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-45078" }, { "cve": "CVE-2021-46195", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-46195" }, { "cve": "CVE-2021-46828", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-46828" }, { "cve": "CVE-2021-46848", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2021-46848" }, { "cve": "CVE-2022-0128", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-0128" }, { "cve": "CVE-2022-0213", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-0213" }, { "cve": "CVE-2022-0225", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-0225" }, { "cve": "CVE-2022-0261", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-0261" }, { "cve": "CVE-2022-0318", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-0318" }, { "cve": "CVE-2022-0319", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-0319" }, { "cve": "CVE-2022-0351", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-0351" }, { "cve": "CVE-2022-0359", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-0359" }, { "cve": "CVE-2022-0361", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-0361" }, { "cve": "CVE-2022-0392", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-0392" }, { "cve": "CVE-2022-0407", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-0407" }, { "cve": "CVE-2022-0413", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-0413" }, { "cve": "CVE-2022-0561", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-0561" }, { "cve": "CVE-2022-0696", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-0696" }, { "cve": "CVE-2022-0778", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-0778" }, { "cve": "CVE-2022-1184", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1184" }, { "cve": "CVE-2022-1245", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1245" }, { "cve": "CVE-2022-1271", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1271" }, { "cve": "CVE-2022-1292", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1292" }, { "cve": "CVE-2022-1381", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1381" }, { "cve": "CVE-2022-1420", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1420" }, { "cve": "CVE-2022-1462", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1462" }, { "cve": "CVE-2022-1466", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1466" }, { "cve": "CVE-2022-1471", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1471" }, { "cve": "CVE-2022-1586", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1586" }, { "cve": "CVE-2022-1587", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1587" }, { "cve": "CVE-2022-1616", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1616" }, { "cve": "CVE-2022-1619", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1619" }, { "cve": "CVE-2022-1620", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1620" }, { "cve": "CVE-2022-1679", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1679" }, { "cve": "CVE-2022-1705", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1705" }, { "cve": "CVE-2022-1720", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1720" }, { "cve": "CVE-2022-1729", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1729" }, { "cve": "CVE-2022-1733", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1733" }, { "cve": "CVE-2022-1735", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1735" }, { "cve": "CVE-2022-1771", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1771" }, { "cve": "CVE-2022-1785", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1785" }, { "cve": "CVE-2022-1796", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1796" }, { "cve": "CVE-2022-1851", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1851" }, { "cve": "CVE-2022-1897", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1897" }, { "cve": "CVE-2022-1898", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1898" }, { "cve": "CVE-2022-1927", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1927" }, { "cve": "CVE-2022-1962", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1962" }, { "cve": "CVE-2022-1968", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1968" }, { "cve": "CVE-2022-1974", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1974" }, { "cve": "CVE-2022-1975", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-1975" }, { "cve": "CVE-2022-20132", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-20132" }, { "cve": "CVE-2022-20141", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-20141" }, { "cve": "CVE-2022-20154", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-20154" }, { "cve": "CVE-2022-20166", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-20166" }, { "cve": "CVE-2022-20368", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-20368" }, { "cve": "CVE-2022-20369", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-20369" }, { "cve": "CVE-2022-2047", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2047" }, { "cve": "CVE-2022-2048", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2048" }, { "cve": "CVE-2022-20567", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-20567" }, { "cve": "CVE-2022-2068", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2068" }, { "cve": "CVE-2022-2097", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2097" }, { "cve": "CVE-2022-21216", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-21216" }, { "cve": "CVE-2022-21233", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-21233" }, { "cve": "CVE-2022-2124", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2124" }, { "cve": "CVE-2022-2125", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2125" }, { "cve": "CVE-2022-2126", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2126" }, { "cve": "CVE-2022-2129", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2129" }, { "cve": "CVE-2022-21363", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-21363" }, { "cve": "CVE-2022-21385", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-21385" }, { "cve": "CVE-2022-21499", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-21499" }, { "cve": "CVE-2022-2153", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2153" }, { "cve": "CVE-2022-21540", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-21540" }, { "cve": "CVE-2022-21541", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-21541" }, { "cve": "CVE-2022-21549", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-21549" }, { "cve": "CVE-2022-21618", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-21618" }, { "cve": "CVE-2022-21619", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-21619" }, { "cve": "CVE-2022-21624", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-21624" }, { "cve": "CVE-2022-21626", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-21626" }, { "cve": "CVE-2022-21628", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-21628" }, { "cve": "CVE-2022-21702", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-21702" }, { "cve": "CVE-2022-2175", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2175" }, { "cve": "CVE-2022-2182", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2182" }, { "cve": "CVE-2022-2183", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2183" }, { "cve": "CVE-2022-2206", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2206" }, { "cve": "CVE-2022-2207", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2207" }, { "cve": "CVE-2022-2208", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2208" }, { "cve": "CVE-2022-2210", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2210" }, { "cve": "CVE-2022-2231", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2231" }, { "cve": "CVE-2022-2256", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2256" }, { "cve": "CVE-2022-2257", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2257" }, { "cve": "CVE-2022-2264", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2264" }, { "cve": "CVE-2022-2284", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2284" }, { "cve": "CVE-2022-2285", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2285" }, { "cve": "CVE-2022-2286", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2286" }, { "cve": "CVE-2022-2287", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2287" }, { "cve": "CVE-2022-22976", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-22976" }, { "cve": "CVE-2022-22978", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-22978" }, { "cve": "CVE-2022-2304", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2304" }, { "cve": "CVE-2022-2318", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2318" }, { "cve": "CVE-2022-23302", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-23302" }, { "cve": "CVE-2022-23305", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-23305" }, { "cve": "CVE-2022-23307", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-23307" }, { "cve": "CVE-2022-2343", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2343" }, { "cve": "CVE-2022-2344", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2344" }, { "cve": "CVE-2022-2345", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2345" }, { "cve": "CVE-2022-23471", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-23471" }, { "cve": "CVE-2022-23521", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-23521" }, { "cve": "CVE-2022-23772", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-23772" }, { "cve": "CVE-2022-23773", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-23773" }, { "cve": "CVE-2022-24302", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-24302" }, { "cve": "CVE-2022-24329", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-24329" }, { "cve": "CVE-2022-24823", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-24823" }, { "cve": "CVE-2022-24903", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-24903" }, { "cve": "CVE-2022-2503", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2503" }, { "cve": "CVE-2022-25147", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-25147" }, { "cve": "CVE-2022-25168", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-25168" }, { "cve": "CVE-2022-2519", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2519" }, { "cve": "CVE-2022-2520", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2520" }, { "cve": "CVE-2022-2521", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2521" }, { "cve": "CVE-2022-2522", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2522" }, { "cve": "CVE-2022-25647", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-25647" }, { "cve": "CVE-2022-2571", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2571" }, { "cve": "CVE-2022-2580", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2580" }, { "cve": "CVE-2022-2581", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2581" }, { "cve": "CVE-2022-25857", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-25857" }, { "cve": "CVE-2022-2588", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2588" }, { "cve": "CVE-2022-2598", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2598" }, { "cve": "CVE-2022-26148", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-26148" }, { "cve": "CVE-2022-26365", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-26365" }, { "cve": "CVE-2022-26373", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-26373" }, { "cve": "CVE-2022-2639", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2639" }, { "cve": "CVE-2022-26612", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-26612" }, { "cve": "CVE-2022-2663", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2663" }, { "cve": "CVE-2022-27781", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-27781" }, { "cve": "CVE-2022-27782", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-27782" }, { "cve": "CVE-2022-27943", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-27943" }, { "cve": "CVE-2022-2795", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2795" }, { "cve": "CVE-2022-28131", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-28131" }, { "cve": "CVE-2022-2816", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2816" }, { "cve": "CVE-2022-2817", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2817" }, { "cve": "CVE-2022-2819", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2819" }, { "cve": "CVE-2022-28327", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-28327" }, { "cve": "CVE-2022-2845", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2845" }, { "cve": "CVE-2022-2849", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2849" }, { "cve": "CVE-2022-2862", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2862" }, { "cve": "CVE-2022-2867", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2867" }, { "cve": "CVE-2022-2868", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2868" }, { "cve": "CVE-2022-2869", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2869" }, { "cve": "CVE-2022-28693", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-28693" }, { "cve": "CVE-2022-2874", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2874" }, { "cve": "CVE-2022-28748", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-28748" }, { "cve": "CVE-2022-2880", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2880" }, { "cve": "CVE-2022-2889", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2889" }, { "cve": "CVE-2022-29162", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-29162" }, { "cve": "CVE-2022-29187", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-29187" }, { "cve": "CVE-2022-2923", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2923" }, { "cve": "CVE-2022-2946", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2946" }, { "cve": "CVE-2022-29526", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-29526" }, { "cve": "CVE-2022-29583", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-29583" }, { "cve": "CVE-2022-2964", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2964" }, { "cve": "CVE-2022-2977", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2977" }, { "cve": "CVE-2022-2980", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2980" }, { "cve": "CVE-2022-2982", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2982" }, { "cve": "CVE-2022-29900", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-29900" }, { "cve": "CVE-2022-29901", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-29901" }, { "cve": "CVE-2022-2991", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-2991" }, { "cve": "CVE-2022-3016", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3016" }, { "cve": "CVE-2022-3028", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3028" }, { "cve": "CVE-2022-3037", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3037" }, { "cve": "CVE-2022-30580", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-30580" }, { "cve": "CVE-2022-30630", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-30630" }, { "cve": "CVE-2022-30631", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-30631" }, { "cve": "CVE-2022-30632", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-30632" }, { "cve": "CVE-2022-30633", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-30633" }, { "cve": "CVE-2022-3099", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3099" }, { "cve": "CVE-2022-31030", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-31030" }, { "cve": "CVE-2022-31159", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-31159" }, { "cve": "CVE-2022-3134", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3134" }, { "cve": "CVE-2022-3153", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3153" }, { "cve": "CVE-2022-3169", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3169" }, { "cve": "CVE-2022-31690", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-31690" }, { "cve": "CVE-2022-32148", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-32148" }, { "cve": "CVE-2022-32149", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-32149" }, { "cve": "CVE-2022-32206", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-32206" }, { "cve": "CVE-2022-32208", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-32208" }, { "cve": "CVE-2022-32221", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-32221" }, { "cve": "CVE-2022-3234", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3234" }, { "cve": "CVE-2022-3235", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3235" }, { "cve": "CVE-2022-3239", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3239" }, { "cve": "CVE-2022-3278", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3278" }, { "cve": "CVE-2022-3296", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3296" }, { "cve": "CVE-2022-3297", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3297" }, { "cve": "CVE-2022-33196", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-33196" }, { "cve": "CVE-2022-3324", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3324" }, { "cve": "CVE-2022-3352", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3352" }, { "cve": "CVE-2022-33740", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-33740" }, { "cve": "CVE-2022-33741", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-33741" }, { "cve": "CVE-2022-33742", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-33742" }, { "cve": "CVE-2022-33972", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-33972" }, { "cve": "CVE-2022-33981", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-33981" }, { "cve": "CVE-2022-34169", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-34169" }, { "cve": "CVE-2022-3424", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3424" }, { "cve": "CVE-2022-34266", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-34266" }, { "cve": "CVE-2022-34526", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-34526" }, { "cve": "CVE-2022-34903", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-34903" }, { "cve": "CVE-2022-3491", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3491" }, { "cve": "CVE-2022-3515", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3515" }, { "cve": "CVE-2022-3520", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3520" }, { "cve": "CVE-2022-3521", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3521" }, { "cve": "CVE-2022-3524", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3524" }, { "cve": "CVE-2022-35252", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-35252" }, { "cve": "CVE-2022-3542", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3542" }, { "cve": "CVE-2022-3545", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3545" }, { "cve": "CVE-2022-3564", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3564" }, { "cve": "CVE-2022-3565", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3565" }, { "cve": "CVE-2022-3566", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3566" }, { "cve": "CVE-2022-3567", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3567" }, { "cve": "CVE-2022-35737", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-35737" }, { "cve": "CVE-2022-3586", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3586" }, { "cve": "CVE-2022-3591", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3591" }, { "cve": "CVE-2022-3594", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3594" }, { "cve": "CVE-2022-3597", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3597" }, { "cve": "CVE-2022-3599", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3599" }, { "cve": "CVE-2022-36109", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-36109" }, { "cve": "CVE-2022-3621", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3621" }, { "cve": "CVE-2022-3626", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3626" }, { "cve": "CVE-2022-3627", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3627" }, { "cve": "CVE-2022-3628", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3628" }, { "cve": "CVE-2022-36280", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-36280" }, { "cve": "CVE-2022-3629", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3629" }, { "cve": "CVE-2022-3635", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3635" }, { "cve": "CVE-2022-3643", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3643" }, { "cve": "CVE-2022-36437", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-36437" }, { "cve": "CVE-2022-3646", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3646" }, { "cve": "CVE-2022-3649", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3649" }, { "cve": "CVE-2022-36760", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-36760" }, { "cve": "CVE-2022-36879", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-36879" }, { "cve": "CVE-2022-36946", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-36946" }, { "cve": "CVE-2022-3705", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3705" }, { "cve": "CVE-2022-37434", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-37434" }, { "cve": "CVE-2022-37436", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-37436" }, { "cve": "CVE-2022-37865", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-37865" }, { "cve": "CVE-2022-37866", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-37866" }, { "cve": "CVE-2022-38090", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-38090" }, { "cve": "CVE-2022-38096", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-38096" }, { "cve": "CVE-2022-38126", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-38126" }, { "cve": "CVE-2022-38127", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-38127" }, { "cve": "CVE-2022-38177", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-38177" }, { "cve": "CVE-2022-38178", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-38178" }, { "cve": "CVE-2022-3821", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3821" }, { "cve": "CVE-2022-38533", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-38533" }, { "cve": "CVE-2022-38749", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-38749" }, { "cve": "CVE-2022-38750", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-38750" }, { "cve": "CVE-2022-38751", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-38751" }, { "cve": "CVE-2022-38752", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-38752" }, { "cve": "CVE-2022-39028", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-39028" }, { "cve": "CVE-2022-3903", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3903" }, { "cve": "CVE-2022-39188", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-39188" }, { "cve": "CVE-2022-39399", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-39399" }, { "cve": "CVE-2022-3970", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-3970" }, { "cve": "CVE-2022-40149", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-40149" }, { "cve": "CVE-2022-40150", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-40150" }, { "cve": "CVE-2022-40151", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-40151" }, { "cve": "CVE-2022-40152", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-40152" }, { "cve": "CVE-2022-40153", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-40153" }, { "cve": "CVE-2022-40303", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-40303" }, { "cve": "CVE-2022-40304", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-40304" }, { "cve": "CVE-2022-40307", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-40307" }, { "cve": "CVE-2022-40674", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-40674" }, { "cve": "CVE-2022-40768", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-40768" }, { "cve": "CVE-2022-40899", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-40899" }, { "cve": "CVE-2022-4095", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-4095" }, { "cve": "CVE-2022-41218", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-41218" }, { "cve": "CVE-2022-4129", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-4129" }, { "cve": "CVE-2022-4141", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-4141" }, { "cve": "CVE-2022-41717", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-41717" }, { "cve": "CVE-2022-41721", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-41721" }, { "cve": "CVE-2022-41848", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-41848" }, { "cve": "CVE-2022-41850", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-41850" }, { "cve": "CVE-2022-41854", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-41854" }, { "cve": "CVE-2022-41858", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-41858" }, { "cve": "CVE-2022-41881", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-41881" }, { "cve": "CVE-2022-41903", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-41903" }, { "cve": "CVE-2022-41915", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-41915" }, { "cve": "CVE-2022-41966", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-41966" }, { "cve": "CVE-2022-41974", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-41974" }, { "cve": "CVE-2022-42003", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-42003" }, { "cve": "CVE-2022-42004", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-42004" }, { "cve": "CVE-2022-42010", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-42010" }, { "cve": "CVE-2022-42011", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-42011" }, { "cve": "CVE-2022-42012", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-42012" }, { "cve": "CVE-2022-42328", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-42328" }, { "cve": "CVE-2022-42329", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-42329" }, { "cve": "CVE-2022-42703", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-42703" }, { "cve": "CVE-2022-42889", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-42889" }, { "cve": "CVE-2022-42895", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-42895" }, { "cve": "CVE-2022-42896", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-42896" }, { "cve": "CVE-2022-42898", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-42898" }, { "cve": "CVE-2022-4292", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-4292" }, { "cve": "CVE-2022-4293", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-4293" }, { "cve": "CVE-2022-42969", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-42969" }, { "cve": "CVE-2022-4304", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-4304" }, { "cve": "CVE-2022-43552", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-43552" }, { "cve": "CVE-2022-43680", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-43680" }, { "cve": "CVE-2022-43750", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-43750" }, { "cve": "CVE-2022-4378", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-4378" }, { "cve": "CVE-2022-43945", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-43945" }, { "cve": "CVE-2022-43995", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-43995" }, { "cve": "CVE-2022-4415", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-4415" }, { "cve": "CVE-2022-4450", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-4450" }, { "cve": "CVE-2022-44638", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-44638" }, { "cve": "CVE-2022-45061", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-45061" }, { "cve": "CVE-2022-45688", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-45688" }, { "cve": "CVE-2022-45884", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-45884" }, { "cve": "CVE-2022-45885", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-45885" }, { "cve": "CVE-2022-45886", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-45886" }, { "cve": "CVE-2022-45887", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-45887" }, { "cve": "CVE-2022-45919", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-45919" }, { "cve": "CVE-2022-45934", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-45934" }, { "cve": "CVE-2022-45939", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-45939" }, { "cve": "CVE-2022-4662", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-4662" }, { "cve": "CVE-2022-46751", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-46751" }, { "cve": "CVE-2022-46908", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-46908" }, { "cve": "CVE-2022-47629", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-47629" }, { "cve": "CVE-2022-47929", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-47929" }, { "cve": "CVE-2022-48281", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-48281" }, { "cve": "CVE-2022-48337", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-48337" }, { "cve": "CVE-2022-48339", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2022-48339" }, { "cve": "CVE-2023-0045", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-0045" }, { "cve": "CVE-2023-0049", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-0049" }, { "cve": "CVE-2023-0051", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-0051" }, { "cve": "CVE-2023-0054", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-0054" }, { "cve": "CVE-2023-0215", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-0215" }, { "cve": "CVE-2023-0286", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-0286" }, { "cve": "CVE-2023-0288", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-0288" }, { "cve": "CVE-2023-0433", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-0433" }, { "cve": "CVE-2023-0464", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-0464" }, { "cve": "CVE-2023-0465", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-0465" }, { "cve": "CVE-2023-0466", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-0466" }, { "cve": "CVE-2023-0512", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-0512" }, { "cve": "CVE-2023-0590", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-0590" }, { "cve": "CVE-2023-0597", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-0597" }, { "cve": "CVE-2023-0833", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-0833" }, { "cve": "CVE-2023-1076", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-1076" }, { "cve": "CVE-2023-1095", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-1095" }, { "cve": "CVE-2023-1118", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-1118" }, { "cve": "CVE-2023-1127", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-1127" }, { "cve": "CVE-2023-1170", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-1170" }, { "cve": "CVE-2023-1175", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-1175" }, { "cve": "CVE-2023-1370", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-1370" }, { "cve": "CVE-2023-1380", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-1380" }, { "cve": "CVE-2023-1390", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-1390" }, { "cve": "CVE-2023-1436", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-1436" }, { "cve": "CVE-2023-1513", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-1513" }, { "cve": "CVE-2023-1611", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-1611" }, { "cve": "CVE-2023-1670", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-1670" }, { "cve": "CVE-2023-1855", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-1855" }, { "cve": "CVE-2023-1989", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-1989" }, { "cve": "CVE-2023-1990", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-1990" }, { "cve": "CVE-2023-1998", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-1998" }, { "cve": "CVE-2023-20862", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-20862" }, { "cve": "CVE-2023-2124", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-2124" }, { "cve": "CVE-2023-2162", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-2162" }, { "cve": "CVE-2023-2176", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-2176" }, { "cve": "CVE-2023-21830", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-21830" }, { "cve": "CVE-2023-21835", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-21835" }, { "cve": "CVE-2023-21843", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-21843" }, { "cve": "CVE-2023-21930", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-21930" }, { "cve": "CVE-2023-21937", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-21937" }, { "cve": "CVE-2023-21938", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-21938" }, { "cve": "CVE-2023-21939", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-21939" }, { "cve": "CVE-2023-2194", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-2194" }, { "cve": "CVE-2023-21954", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-21954" }, { "cve": "CVE-2023-21967", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-21967" }, { "cve": "CVE-2023-21968", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-21968" }, { "cve": "CVE-2023-22490", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-22490" }, { "cve": "CVE-2023-2253", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-2253" }, { "cve": "CVE-2023-22809", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-22809" }, { "cve": "CVE-2023-23454", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-23454" }, { "cve": "CVE-2023-23455", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-23455" }, { "cve": "CVE-2023-23559", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-23559" }, { "cve": "CVE-2023-23916", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-23916" }, { "cve": "CVE-2023-23946", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-23946" }, { "cve": "CVE-2023-24329", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-24329" }, { "cve": "CVE-2023-24532", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-24532" }, { "cve": "CVE-2023-24534", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-24534" }, { "cve": "CVE-2023-2483", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-2483" }, { "cve": "CVE-2023-24998", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-24998" }, { "cve": "CVE-2023-2513", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-2513" }, { "cve": "CVE-2023-25193", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-25193" }, { "cve": "CVE-2023-25652", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-25652" }, { "cve": "CVE-2023-25690", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-25690" }, { "cve": "CVE-2023-25809", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-25809" }, { "cve": "CVE-2023-25815", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-25815" }, { "cve": "CVE-2023-26048", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-26048" }, { "cve": "CVE-2023-26049", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-26049" }, { "cve": "CVE-2023-2650", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-2650" }, { "cve": "CVE-2023-26545", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-26545" }, { "cve": "CVE-2023-26604", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-26604" }, { "cve": "CVE-2023-27533", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-27533" }, { "cve": "CVE-2023-27534", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-27534" }, { "cve": "CVE-2023-27535", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-27535" }, { "cve": "CVE-2023-27536", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-27536" }, { "cve": "CVE-2023-27538", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-27538" }, { "cve": "CVE-2023-27561", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-27561" }, { "cve": "CVE-2023-2828", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-2828" }, { "cve": "CVE-2023-28320", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-28320" }, { "cve": "CVE-2023-28321", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-28321" }, { "cve": "CVE-2023-28322", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-28322" }, { "cve": "CVE-2023-28328", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-28328" }, { "cve": "CVE-2023-28464", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-28464" }, { "cve": "CVE-2023-28486", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-28486" }, { "cve": "CVE-2023-28487", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-28487" }, { "cve": "CVE-2023-28642", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-28642" }, { "cve": "CVE-2023-28772", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-28772" }, { "cve": "CVE-2023-28840", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-28840" }, { "cve": "CVE-2023-28841", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-28841" }, { "cve": "CVE-2023-28842", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-28842" }, { "cve": "CVE-2023-29007", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-29007" }, { "cve": "CVE-2023-29383", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-29383" }, { "cve": "CVE-2023-29402", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-29402" }, { "cve": "CVE-2023-29406", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-29406" }, { "cve": "CVE-2023-29409", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-29409" }, { "cve": "CVE-2023-2976", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-2976" }, { "cve": "CVE-2023-30630", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-30630" }, { "cve": "CVE-2023-30772", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-30772" }, { "cve": "CVE-2023-31084", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-31084" }, { "cve": "CVE-2023-3138", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-3138" }, { "cve": "CVE-2023-31436", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-31436" }, { "cve": "CVE-2023-31484", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-31484" }, { "cve": "CVE-2023-32269", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-32269" }, { "cve": "CVE-2023-32697", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-32697" }, { "cve": "CVE-2023-33264", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-33264" }, { "cve": "CVE-2023-34034", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-34034" }, { "cve": "CVE-2023-34035", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-34035" }, { "cve": "CVE-2023-34453", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-34453" }, { "cve": "CVE-2023-34454", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-34454" }, { "cve": "CVE-2023-34455", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-34455" }, { "cve": "CVE-2023-34462", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-34462" }, { "cve": "CVE-2023-35116", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-35116" }, { "cve": "CVE-2023-3635", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-3635" }, { "cve": "CVE-2023-36479", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-36479" }, { "cve": "CVE-2023-39533", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-39533" }, { "cve": "CVE-2023-40167", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-40167" }, { "cve": "CVE-2023-40217", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-40217" }, { "cve": "CVE-2023-41105", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-41105" }, { "cve": "CVE-2023-41900", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-41900" }, { "cve": "CVE-2023-43642", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-43642" }, { "cve": "CVE-2023-43804", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-43804" }, { "cve": "CVE-2023-44487", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-44487" }, { "cve": "CVE-2023-45803", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2023-45803" }, { "cve": "CVE-2024-21626", "notes": [ { "category": "description", "text": "In Dell ECS existieren mehrere Schwachstellen. Diese bestehen in diversen Komponenten von Drittanbietern. Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2024-04-04T22:00:00Z", "title": "CVE-2024-21626" } ] }
wid-sec-w-2023-2229
Vulnerability from csaf_certbund
Published
2023-08-30 22:00
Modified
2024-05-28 22:00
Summary
Splunk Splunk Enterprise: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Splunk Enterprise ermöglicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.
Angriff
Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise ausnutzen, um beliebigen Code auszuführen, einen 'Denial of Service'-Zustand zu verursachen, seine Privilegien zu erweitern und weitere, nicht spezifizierte Auswirkungen zu verursachen.
Betroffene Betriebssysteme
- Linux
- MacOS X
- Windows
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Splunk Enterprise erm\u00f6glicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen, seine Privilegien zu erweitern und weitere, nicht spezifizierte Auswirkungen zu verursachen.", "title": "Angriff" }, { "category": "general", "text": "- Linux\n- MacOS X\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-2229 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2229.json" }, { "category": "self", "summary": "WID-SEC-2023-2229 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2229" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0801" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0802" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0803" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0804" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0805" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0806" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0807" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0808" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0196-1 vom 2024-01-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017743.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-2988 vom 2024-05-28", "url": "https://linux.oracle.com/errata/ELSA-2024-2988.html" } ], "source_lang": "en-US", "title": "Splunk Splunk Enterprise: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-05-28T22:00:00.000+00:00", "generator": { "date": "2024-05-29T08:07:49.870+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-2229", "initial_release_date": "2023-08-30T22:00:00.000+00:00", "revision_history": [ { "date": "2023-08-30T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2024-01-23T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-05-28T22:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Oracle Linux aufgenommen" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c9.1.1", "product": { "name": "Splunk Splunk Enterprise \u003c9.1.1", "product_id": "T029634", "product_identification_helper": { "cpe": "cpe:/a:splunk:splunk:9.1.1" } } }, { "category": "product_version_range", "name": "\u003c9.0.6", "product": { "name": "Splunk Splunk Enterprise \u003c9.0.6", "product_id": "T029635", "product_identification_helper": { "cpe": "cpe:/a:splunk:splunk:9.0.6" } } }, { "category": "product_version_range", "name": "\u003c8.2.12", "product": { "name": "Splunk Splunk Enterprise \u003c8.2.12", "product_id": "T029636", "product_identification_helper": { "cpe": "cpe:/a:splunk:splunk:8.2.12" } } } ], "category": "product_name", "name": "Splunk Enterprise" } ], "category": "vendor", "name": "Splunk" } ] }, "vulnerabilities": [ { "cve": "CVE-2013-7489", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2013-7489" }, { "cve": "CVE-2018-10237", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2018-10237" }, { "cve": "CVE-2018-20225", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2018-20225" }, { "cve": "CVE-2019-20454", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2019-20454" }, { "cve": "CVE-2019-20838", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2019-20838" }, { "cve": "CVE-2020-14155", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-14155" }, { "cve": "CVE-2020-28469", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-28469" }, { "cve": "CVE-2020-28851", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-28851" }, { "cve": "CVE-2020-29652", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-29652" }, { "cve": "CVE-2020-8169", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-8169" }, { "cve": "CVE-2020-8177", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-8177" }, { "cve": "CVE-2020-8231", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-8231" }, { "cve": "CVE-2020-8284", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-8284" }, { "cve": "CVE-2020-8285", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-8285" }, { "cve": "CVE-2020-8286", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-8286" }, { "cve": "CVE-2020-8908", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2020-8908" }, { "cve": "CVE-2021-20066", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-20066" }, { "cve": "CVE-2021-22569", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22569" }, { "cve": "CVE-2021-22876", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22876" }, { "cve": "CVE-2021-22890", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22890" }, { "cve": "CVE-2021-22897", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22897" }, { "cve": "CVE-2021-22898", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22898" }, { "cve": "CVE-2021-22901", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22901" }, { "cve": "CVE-2021-22922", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22922" }, { "cve": "CVE-2021-22923", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22923" }, { "cve": "CVE-2021-22924", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22924" }, { "cve": "CVE-2021-22925", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22925" }, { "cve": "CVE-2021-22926", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22926" }, { "cve": "CVE-2021-22945", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22945" }, { "cve": "CVE-2021-22946", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22946" }, { "cve": "CVE-2021-22947", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-22947" }, { "cve": "CVE-2021-23343", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-23343" }, { "cve": "CVE-2021-23382", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-23382" }, { "cve": "CVE-2021-27918", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-27918" }, { "cve": "CVE-2021-27919", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-27919" }, { "cve": "CVE-2021-29060", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-29060" }, { "cve": "CVE-2021-29425", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-29425" }, { "cve": "CVE-2021-29923", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-29923" }, { "cve": "CVE-2021-31525", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-31525" }, { "cve": "CVE-2021-31566", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-31566" }, { "cve": "CVE-2021-33194", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-33194" }, { "cve": "CVE-2021-33195", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-33195" }, { "cve": "CVE-2021-33196", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-33196" }, { "cve": "CVE-2021-33197", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-33197" }, { "cve": "CVE-2021-33198", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-33198" }, { "cve": "CVE-2021-34558", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-34558" }, { "cve": "CVE-2021-3520", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-3520" }, { "cve": "CVE-2021-3572", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-3572" }, { "cve": "CVE-2021-36221", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-36221" }, { "cve": "CVE-2021-36976", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-36976" }, { "cve": "CVE-2021-3803", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-3803" }, { "cve": "CVE-2021-38297", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-38297" }, { "cve": "CVE-2021-38561", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-38561" }, { "cve": "CVE-2021-39293", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-39293" }, { "cve": "CVE-2021-41182", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-41182" }, { "cve": "CVE-2021-41183", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-41183" }, { "cve": "CVE-2021-41184", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-41184" }, { "cve": "CVE-2021-41771", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-41771" }, { "cve": "CVE-2021-41772", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-41772" }, { "cve": "CVE-2021-43565", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-43565" }, { "cve": "CVE-2021-44716", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-44716" }, { "cve": "CVE-2021-44717", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2021-44717" }, { "cve": "CVE-2022-1705", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-1705" }, { "cve": "CVE-2022-1941", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-1941" }, { "cve": "CVE-2022-1962", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-1962" }, { "cve": "CVE-2022-22576", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-22576" }, { "cve": "CVE-2022-2309", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-2309" }, { "cve": "CVE-2022-23491", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-23491" }, { "cve": "CVE-2022-23772", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-23772" }, { "cve": "CVE-2022-23773", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-23773" }, { "cve": "CVE-2022-23806", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-23806" }, { "cve": "CVE-2022-24675", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-24675" }, { "cve": "CVE-2022-24921", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-24921" }, { "cve": "CVE-2022-24999", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-24999" }, { "cve": "CVE-2022-25881", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-25881" }, { "cve": "CVE-2022-27191", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27191" }, { "cve": "CVE-2022-27536", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27536" }, { "cve": "CVE-2022-27664", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27664" }, { "cve": "CVE-2022-27774", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27774" }, { "cve": "CVE-2022-27775", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27775" }, { "cve": "CVE-2022-27776", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27776" }, { "cve": "CVE-2022-27778", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27778" }, { "cve": "CVE-2022-27779", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27779" }, { "cve": "CVE-2022-27780", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27780" }, { "cve": "CVE-2022-27781", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27781" }, { "cve": "CVE-2022-27782", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-27782" }, { "cve": "CVE-2022-28131", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-28131" }, { "cve": "CVE-2022-28327", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-28327" }, { "cve": "CVE-2022-2879", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-2879" }, { "cve": "CVE-2022-2880", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-2880" }, { "cve": "CVE-2022-29526", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-29526" }, { "cve": "CVE-2022-29804", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-29804" }, { "cve": "CVE-2022-30115", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30115" }, { "cve": "CVE-2022-30580", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30580" }, { "cve": "CVE-2022-30629", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30629" }, { "cve": "CVE-2022-30630", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30630" }, { "cve": "CVE-2022-30631", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30631" }, { "cve": "CVE-2022-30632", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30632" }, { "cve": "CVE-2022-30633", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30633" }, { "cve": "CVE-2022-30634", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30634" }, { "cve": "CVE-2022-30635", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-30635" }, { "cve": "CVE-2022-31129", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-31129" }, { "cve": "CVE-2022-3171", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-3171" }, { "cve": "CVE-2022-32148", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-32148" }, { "cve": "CVE-2022-32149", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-32149" }, { "cve": "CVE-2022-32189", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-32189" }, { "cve": "CVE-2022-32205", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-32205" }, { "cve": "CVE-2022-32206", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-32206" }, { "cve": "CVE-2022-32207", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-32207" }, { "cve": "CVE-2022-32208", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-32208" }, { "cve": "CVE-2022-32221", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-32221" }, { "cve": "CVE-2022-33987", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-33987" }, { "cve": "CVE-2022-3509", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-3509" }, { "cve": "CVE-2022-3510", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-3510" }, { "cve": "CVE-2022-3517", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-3517" }, { "cve": "CVE-2022-35252", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-35252" }, { "cve": "CVE-2022-35260", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-35260" }, { "cve": "CVE-2022-35737", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-35737" }, { "cve": "CVE-2022-36227", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-36227" }, { "cve": "CVE-2022-37599", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-37599" }, { "cve": "CVE-2022-37601", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-37601" }, { "cve": "CVE-2022-37603", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-37603" }, { "cve": "CVE-2022-38900", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-38900" }, { "cve": "CVE-2022-40023", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-40023" }, { "cve": "CVE-2022-40897", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-40897" }, { "cve": "CVE-2022-40899", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-40899" }, { "cve": "CVE-2022-41715", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-41715" }, { "cve": "CVE-2022-41716", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-41716" }, { "cve": "CVE-2022-41720", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-41720" }, { "cve": "CVE-2022-41722", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-41722" }, { "cve": "CVE-2022-42003", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-42003" }, { "cve": "CVE-2022-42004", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-42004" }, { "cve": "CVE-2022-42915", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-42915" }, { "cve": "CVE-2022-42916", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-42916" }, { "cve": "CVE-2022-43551", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-43551" }, { "cve": "CVE-2022-43552", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-43552" }, { "cve": "CVE-2022-46175", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2022-46175" }, { "cve": "CVE-2023-23914", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-23914" }, { "cve": "CVE-2023-23915", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-23915" }, { "cve": "CVE-2023-23916", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-23916" }, { "cve": "CVE-2023-24539", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-24539" }, { "cve": "CVE-2023-24540", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-24540" }, { "cve": "CVE-2023-27533", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-27533" }, { "cve": "CVE-2023-27534", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-27534" }, { "cve": "CVE-2023-27535", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-27535" }, { "cve": "CVE-2023-27536", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-27536" }, { "cve": "CVE-2023-27537", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-27537" }, { "cve": "CVE-2023-27538", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-27538" }, { "cve": "CVE-2023-29400", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-29400" }, { "cve": "CVE-2023-29402", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-29402" }, { "cve": "CVE-2023-29403", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-29403" }, { "cve": "CVE-2023-29404", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-29404" }, { "cve": "CVE-2023-29405", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-29405" }, { "cve": "CVE-2023-40592", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-40592" }, { "cve": "CVE-2023-40593", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-40593" }, { "cve": "CVE-2023-40594", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-40594" }, { "cve": "CVE-2023-40595", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-40595" }, { "cve": "CVE-2023-40596", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-40596" }, { "cve": "CVE-2023-40597", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-40597" }, { "cve": "CVE-2023-40598", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T002207", "T004914" ] }, "release_date": "2023-08-30T22:00:00Z", "title": "CVE-2023-40598" } ] }
gsd-2021-33194
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2021-33194", "description": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.", "id": "GSD-2021-33194", "references": [ "https://www.suse.com/security/cve/CVE-2021-33194.html", "https://access.redhat.com/errata/RHSA-2021:4627", "https://access.redhat.com/errata/RHSA-2021:3759", "https://access.redhat.com/errata/RHSA-2021:2438", "https://security.archlinux.org/CVE-2021-33194" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2021-33194" ], "details": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.", "id": "GSD-2021-33194", "modified": "2023-12-13T01:23:18.409288Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-33194", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", "refsource": "CONFIRM", "url": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg" }, { "name": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", "refsource": "MISC", "url": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7" }, { "name": "FEDORA-2022-17d004ed71", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "\u003c0.0.0-20210520170846-37e1c6afe023", "affected_versions": "All versions before 0.0.0-20210520170846-37e1c6afe023", "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cwe_ids": [ "CWE-1035", "CWE-835", "CWE-937" ], "date": "2023-02-24", "description": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.", "fixed_versions": [ "0.0.0-20210520170846-37e1c6afe023" ], "identifier": "CVE-2021-33194", "identifiers": [ "GHSA-83g2-8m93-v3w7", "CVE-2021-33194" ], "not_impacted": "All versions starting from 0.0.0-20210520170846-37e1c6afe023", "package_slug": "go/golang.org/x/net", "pubdate": "2022-05-24", "solution": "Upgrade to version 0.0.0-20210520170846-37e1c6afe023 or above.", "title": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", "https://go.dev/cl/311090", "https://go.dev/issue/46288", "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", "https://pkg.go.dev/vuln/GO-2021-0238", "https://github.com/advisories/GHSA-83g2-8m93-v3w7" ], "uuid": "4e4cc4f8-57bb-4ff0-9e96-4974e6ea403f" }, { "affected_range": "\u003c0.0.0-20210520170846-37e1c6afe023", "affected_versions": "All versions before 0.0.0-20210520170846-37e1c6afe023", "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cwe_ids": [ "CWE-1035", "CWE-835", "CWE-937" ], "date": "2023-02-08", "description": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input.", "fixed_versions": [ "0.0.0-20210520170846-37e1c6afe023" ], "identifier": "CVE-2021-33194", "identifiers": [ "GHSA-83g2-8m93-v3w7", "CVE-2021-33194" ], "not_impacted": "All versions starting from 0.0.0-20210520170846-37e1c6afe023", "package_slug": "go/golang.org/x/net/html", "pubdate": "2022-05-24", "solution": "Upgrade to version 0.0.0-20210520170846-37e1c6afe023 or above.", "title": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2021-33194", "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/", "https://go.dev/cl/311090", "https://go.dev/issue/46288", "https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7", "https://pkg.go.dev/vuln/GO-2021-0238", "https://github.com/advisories/GHSA-83g2-8m93-v3w7" ], "uuid": "74ecd387-8cba-44b4-942d-78f9c57a0887" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.16.4", "versionStartIncluding": "1.16.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.15.12", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-33194" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-835" } ] } ] }, "references": { "reference_data": [ { "name": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://groups.google.com/g/golang-announce/c/wPunbCPkWUg" }, { "name": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7" }, { "name": "FEDORA-2022-17d004ed71", "refsource": "FEDORA", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } }, "lastModifiedDate": "2022-06-03T19:29Z", "publishedDate": "2021-05-26T15:15Z" } } }
Loading...