Action not permitted
Modal body text goes here.
cve-2021-33502
Vulnerability from cvelistv5
Published
2021-05-24 15:42
Modified
2024-08-03 23:50
Severity ?
EPSS score ?
Summary
The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1 | Release Notes, Third Party Advisory | |
cve@mitre.org | https://security.netapp.com/advisory/ntap-20210706-0001/ | Third Party Advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T23:50:43.171Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20210706-0001/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-06T07:06:20", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20210706-0001/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-33502", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1", "refsource": "CONFIRM", "url": "https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1" }, { "name": "https://security.netapp.com/advisory/ntap-20210706-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210706-0001/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-33502", "datePublished": "2021-05-24T15:42:34", "dateReserved": "2021-05-21T00:00:00", "dateUpdated": "2024-08-03T23:50:43.171Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2021-33502\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-05-24T16:15:08.133\",\"lastModified\":\"2023-08-08T14:22:24.967\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs.\"},{\"lang\":\"es\",\"value\":\"El paquete normalize-url versiones anteriores a 4.5.1, versiones 5.x anteriores a 5.3.1 y versiones 6.x anteriores a 6.0.1 para Node.js, presenta un problema de ReDoS (denegaci\u00f3n de servicio de expresi\u00f3n regular) porque presenta un rendimiento exponencial para los datos: URL\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1333\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:normalize-url_project:normalize-url:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"4.3.0\",\"versionEndExcluding\":\"4.5.1\",\"matchCriteriaId\":\"D145BD47-40EB-47D1-AD85-6835DC79A26D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:normalize-url_project:normalize-url:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndExcluding\":\"5.3.1\",\"matchCriteriaId\":\"E705C4D9-60F3-4460-B49A-3923C56D2979\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:normalize-url_project:normalize-url:6.0.0:*:*:*:*:node.js:*:*\",\"matchCriteriaId\":\"007B5F3D-FF0E-42A0-AD39-2C2009E7045E\"}]}]}],\"references\":[{\"url\":\"https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210706-0001/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
rhsa-2022_0350
Vulnerability from csaf_redhat
Published
2022-02-01 21:18
Modified
2024-11-06 00:23
Summary
Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (14.18.2), nodejs-nodemon (2.0.15). (BZ#2027609)
Security Fix(es):
* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)
* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)
* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)
* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)
* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)
* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (14.18.2), nodejs-nodemon (2.0.15). (BZ#2027609)\n\nSecurity Fix(es):\n\n* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)\n\n* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)\n\n* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)\n\n* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)\n\n* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:0350", "url": "https://access.redhat.com/errata/RHSA-2022:0350" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1907444", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444" }, { "category": "external", "summary": "1945459", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459" }, { "category": "external", "summary": "1964461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461" }, { "category": "external", "summary": "1999731", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731" }, { "category": "external", "summary": "1999739", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739" }, { "category": "external", "summary": "2007557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557" }, { "category": "external", "summary": "2014057", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057" }, { "category": "external", "summary": "2014059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059" }, { "category": "external", "summary": "2024702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0350.json" } ], "title": "Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-06T00:23:55+00:00", "generator": { "date": "2024-11-06T00:23:55+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2022:0350", "initial_release_date": "2022-02-01T21:18:22+00:00", "revision_history": [ { "date": "2022-02-01T21:18:22+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-02-01T21:18:22+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T00:23:55+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nodejs:14:8050020211213115342:c5368500", "product": { "name": "nodejs:14:8050020211213115342:c5368500", "product_id": "nodejs:14:8050020211213115342:c5368500", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/nodejs@14:8050020211213115342:c5368500" } } }, { "category": "product_version", "name": "nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "product": { "name": "nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "product_id": "nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-docs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "product": { "name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.5.0%2B13504%2Ba2e74d91?arch=noarch" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "product": { "name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "product_id": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "product": { "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "product": { "name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "product": { "name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "product_id": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "product": { "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "product": { "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "product": { "name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "product_id": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "product": { "name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.5.0%2B13504%2Ba2e74d91?arch=src" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "product": { "name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "product_id": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "product": { "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "product": { "name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "product": { "name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "product_id": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "product": { "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "product": { "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "product": { "name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "product_id": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "product": { "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "product": { "name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "product": { "name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "product_id": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "product": { "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "product": { "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "product": { "name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "product_id": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "product": { "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "product": { "name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "product": { "name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "product_id": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "product": { "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64", "product": { "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64", "product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.5.0%2B13644%2B8d46dafd?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, "product_reference": "nodejs:14:8050020211213115342:c5368500", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64" }, "product_reference": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le" }, "product_reference": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x" }, "product_reference": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src" }, "product_reference": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64" }, "product_reference": "nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64" }, "product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le" }, "product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x" }, "product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64" }, "product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64" }, "product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le" }, "product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x" }, "product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64" }, "product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64" }, "product_reference": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le" }, "product_reference": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x" }, "product_reference": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64" }, "product_reference": "nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch" }, "product_reference": "nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64" }, "product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le" }, "product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x" }, "product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64" }, "product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch" }, "product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src" }, "product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64" }, "product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le" }, "product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x" }, "product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64 as a component of nodejs:14:8050020211213115342:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" }, "product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-7788", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-12-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1907444" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-ini. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ini: Prototype pollution via malicious INI file", "title": "Vulnerability summary" }, { "category": "other", "text": "Node.JS packages in Red Hat Enterprise Linux and Red Hat Software Collections included the vulnerable dependency packaged in \"nodejs-npm\" component. Processing malicious files using npm could potentially trigger this vulnerability. The \"ini\" package bundled with npm was not in the library path where it could be included directly in other programs.\n\nThe nodejs-nodemon packages in Red Hat Enterprise Linux and Red Hat Software Collections are affected by this vulnerability as they bundle the nodejs-ini library. Usage of that library is governed by nodemon itself, so applications started by nodemon are not impacted. Further, nodemon is a developer tool not intended to be used in production.\n\nThe ini package is included in Red Hat Quay by protractor and webpack-cli, both of which are dev dependencies.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-7788" }, { "category": "external", "summary": "RHBZ#1907444", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7788", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7788" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788" } ], "release_date": "2020-12-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-01T21:18:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0350" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-ini: Prototype pollution via malicious INI file" }, { "cve": "CVE-2020-28469", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1945459" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent function. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-glob-parent: Regular expression denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "While some components do package a vulnerable version of glob-parent, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM)\n - Red Hat Advanced Cluster Management for Kubernetes (RHACM)\n - OpenShift distributed tracing", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-28469" }, { "category": "external", "summary": "RHBZ#1945459", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28469", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28469" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905", "url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905" } ], "release_date": "2021-01-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-01T21:18:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0350" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-glob-parent: Regular expression denial of service" }, { "cve": "CVE-2021-3807", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-09-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2007557" } ], "notes": [ { "category": "description", "text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3807" }, { "category": "external", "summary": "RHBZ#2007557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3807" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" }, { "category": "external", "summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994", "url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994" } ], "release_date": "2021-09-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-01T21:18:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0350" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes" }, { "cve": "CVE-2021-3918", "cwe": { "id": "CWE-915", "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes" }, "discovery_date": "2021-11-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2024702" } ], "notes": [ { "category": "description", "text": "The json-schema Node.JS library was vulnerable to prototype pollution during the validation of a JSON object. An attacker, able to provide a specially crafted JSON file for validation, could use this flaw to modify the behavior of the node program, to, for example, execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-json-schema: Prototype pollution vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "npm versions 8.0.0 and older provide a vulnerable version of the json-schema library. However, it is currently believed that in the context of npm, it is not possible to take advantage of the vulnerability.\n\nRed Hat Enterprise Linux version 8 and Software Collections provide a vulnerable version of the json-schema library only as embedded in the npm package. As a result, the severity of the incident has been lowered for these 2 products.\n\nRed Hat Quay includes json-schema as a development dependency of quay-registry-container. As a result, the impact rating has been lowered to Moderate.\n\nIn Red Hat OpenShift Container Platform (RHOCP), Red Hat Openshift Data Foundations (ODF), Red Hat distributed tracing, Migration Toolkit for Virtualization (MTV) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are behind OpenShift OAuth. This restricts access to the vulnerable json-schema library to authenticated users only, therefore the impact is reduced to Moderate.\n\nIn Red Hat Openshift Data Foundations (ODF) the odf4/mcg-core-rhel8 component has \"Will not fix status\", but starting from ODF 4.11 stream this component contains already patched version of the json-schema library. Earlier version of ODF are already under Maintenance Support phase, hence this vulnerability will not be fixed.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3918" }, { "category": "external", "summary": "RHBZ#2024702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3918", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3918" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918" } ], "release_date": "2021-10-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-01T21:18:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0350" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-json-schema: Prototype pollution vulnerability" }, { "cve": "CVE-2021-22959", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2021-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2014057" } ], "notes": [ { "category": "description", "text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. Spaces as part of the header names were accepted as valid. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "llhttp: HTTP Request Smuggling due to spaces in headers", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-22959" }, { "category": "external", "summary": "RHBZ#2014057", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-22959", "url": "https://www.cve.org/CVERecord?id=CVE-2021-22959" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/" } ], "release_date": "2021-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-01T21:18:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0350" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "llhttp: HTTP Request Smuggling due to spaces in headers" }, { "cve": "CVE-2021-22960", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2021-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2014059" } ], "notes": [ { "category": "description", "text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. During the parsing of chunked messages, the chunk size parameter was not validated properly. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-22960" }, { "category": "external", "summary": "RHBZ#2014059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-22960", "url": "https://www.cve.org/CVERecord?id=CVE-2021-22960" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/" } ], "release_date": "2021-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-01T21:18:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0350" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests" }, { "cve": "CVE-2021-33502", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-05-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1964461" } ], "notes": [ { "category": "description", "text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-normalize-url: ReDoS for data URLs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-33502" }, { "category": "external", "summary": "RHBZ#1964461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33502" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539", "url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539" } ], "release_date": "2021-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-01T21:18:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0350" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-normalize-url: ReDoS for data URLs" }, { "cve": "CVE-2021-37701", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2021-08-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1999731" } ], "notes": [ { "category": "description", "text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain both a directory and a symlink with the same name, where the symlink and directory names in the archive entry used backslashes as a path separator, made it possible to bypass node-tar symlink checks on directories. This flaw allows an untrusted tar file to extract and overwrite files into an arbitrary location. A similar confusion can arise on case-insensitive filesystems. The highest threat from this vulnerability is to integrity and system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-37701" }, { "category": "external", "summary": "RHBZ#1999731", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37701", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37701" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701" }, { "category": "external", "summary": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc", "url": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc" }, { "category": "external", "summary": "https://www.npmjs.com/advisories/1779", "url": "https://www.npmjs.com/advisories/1779" } ], "release_date": "2021-08-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-01T21:18:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0350" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite" }, { "cve": "CVE-2021-37712", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2021-08-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1999739" } ], "notes": [ { "category": "description", "text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain two directories and a symlink with names containing Unicode values that normalize to the same value on Windows systems made it possible to bypass node-tar symlink checks on directories. This allows an untrusted tar file to extract and overwrite files into an arbitrary location. The highest threat from this vulnerability is to integrity and system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-37712" }, { "category": "external", "summary": "RHBZ#1999739", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37712", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37712" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712" }, { "category": "external", "summary": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p", "url": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p" }, { "category": "external", "summary": "https://www.npmjs.com/advisories/1780", "url": "https://www.npmjs.com/advisories/1780" } ], "release_date": "2021-08-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-01T21:18:22+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0350" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debuginfo-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-debugsource-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-devel-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-docs-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-full-i18n-1:14.18.2-2.module+el8.5.0+13644+8d46dafd.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13504+a2e74d91.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:14:8050020211213115342:c5368500:npm-1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite" } ] }
rhsa-2022_4711
Vulnerability from csaf_redhat
Published
2022-05-26 16:25
Modified
2024-11-06 00:56
Summary
Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update
Notes
Topic
Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.
Security Fix(es):
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* nodejs-trim-off-newlines: ReDoS via string processing (CVE-2021-23425)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* jquery-ui: XSS in the altField option of the datepicker widget (CVE-2021-41182)
* jquery-ui: XSS in *Text options of the datepicker widget (CVE-2021-41183)
* jquery-ui: XSS in the 'of' option of the .position() util (CVE-2021-41184)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
A list of bugs fixed in this update is available in the Technical Notes book:
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.\n\nSecurity Fix(es):\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* nodejs-trim-off-newlines: ReDoS via string processing (CVE-2021-23425)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* jquery-ui: XSS in the altField option of the datepicker widget (CVE-2021-41182)\n\n* jquery-ui: XSS in *Text options of the datepicker widget (CVE-2021-41183)\n\n* jquery-ui: XSS in the \u0027of\u0027 option of the .position() util (CVE-2021-41184)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nA list of bugs fixed in this update is available in the Technical Notes book:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:4711", "url": "https://access.redhat.com/errata/RHSA-2022:4711" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes", "url": "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes" }, { "category": "external", "summary": "655153", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=655153" }, { "category": "external", "summary": "977778", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=977778" }, { "category": "external", "summary": "1624015", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1624015" }, { "category": "external", "summary": "1648985", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1648985" }, { "category": "external", "summary": "1667517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667517" }, { "category": "external", "summary": "1687845", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687845" }, { "category": "external", "summary": "1781241", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781241" }, { "category": "external", "summary": "1782056", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782056" }, { "category": "external", "summary": "1849169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849169" }, { "category": "external", "summary": "1878930", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1878930" }, { "category": "external", "summary": "1922977", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922977" }, { "category": "external", "summary": "1926625", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1926625" }, { "category": "external", "summary": "1927985", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927985" }, { "category": "external", "summary": "1944290", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944290" }, { "category": "external", "summary": "1944834", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944834" }, { "category": "external", "summary": "1956295", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956295" }, { "category": "external", "summary": "1959186", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959186" }, { "category": "external", "summary": "1964208", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964208" }, { "category": "external", "summary": "1964461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461" }, { "category": "external", "summary": "1971622", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1971622" }, { "category": "external", "summary": "1974741", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974741" }, { "category": "external", "summary": "1979441", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1979441" }, { "category": "external", "summary": "1979797", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1979797" }, { "category": "external", "summary": "1980192", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1980192" }, { "category": "external", "summary": "1986726", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986726" }, { "category": "external", "summary": "1986834", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986834" }, { "category": "external", "summary": "1987121", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1987121" }, { "category": "external", "summary": "1988496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1988496" }, { "category": "external", "summary": "1990462", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990462" }, { "category": "external", "summary": "1991240", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991240" }, { "category": "external", "summary": "1995793", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995793" }, { "category": "external", "summary": "1996123", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1996123" }, { "category": "external", "summary": "1998255", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1998255" }, { "category": "external", "summary": "1999698", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999698" }, { "category": "external", "summary": "2000031", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000031" }, { "category": "external", "summary": "2002283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2002283" }, { "category": "external", "summary": "2003883", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003883" }, { "category": "external", "summary": "2003996", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2003996" }, { "category": "external", "summary": "2006602", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006602" }, { "category": "external", "summary": "2006745", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006745" }, { "category": "external", "summary": "2007384", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007384" }, { "category": "external", "summary": "2007557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557" }, { "category": "external", "summary": "2008798", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008798" }, { "category": "external", "summary": "2010203", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010203" }, { "category": "external", "summary": "2010903", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010903" }, { "category": "external", "summary": "2013928", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013928" }, { "category": "external", "summary": "2014888", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014888" }, { "category": "external", "summary": "2015796", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015796" }, { "category": "external", "summary": "2019144", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019144" }, { "category": "external", "summary": "2019148", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019148" }, { "category": "external", "summary": "2019153", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019153" }, { "category": "external", "summary": "2021217", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021217" }, { "category": "external", "summary": "2023250", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2023250" }, { "category": "external", "summary": "2023786", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2023786" }, { "category": "external", "summary": "2024202", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024202" }, { "category": "external", "summary": "2025936", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025936" }, { "category": "external", "summary": "2030596", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030596" }, { "category": "external", "summary": "2030663", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030663" }, { "category": "external", "summary": "2031027", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031027" }, { "category": "external", "summary": "2035051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2035051" }, { "category": "external", "summary": "2037115", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037115" }, { "category": "external", "summary": "2037121", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2037121" }, { "category": "external", "summary": "2040361", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040361" }, { "category": "external", "summary": "2040402", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040402" }, { "category": "external", "summary": "2040474", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040474" }, { "category": "external", "summary": "2041544", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041544" }, { "category": "external", "summary": "2043146", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043146" }, { "category": "external", "summary": "2044273", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044273" }, { "category": "external", "summary": "2048546", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048546" }, { "category": "external", "summary": "2050566", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050566" }, { "category": "external", "summary": "2050614", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050614" }, { "category": "external", "summary": "2051857", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2051857" }, { "category": "external", "summary": "2052557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052557" }, { "category": "external", "summary": "2052690", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052690" }, { "category": "external", "summary": "2054756", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2054756" }, { "category": "external", "summary": "2055136", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055136" }, { "category": "external", "summary": "2056021", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056021" }, { "category": "external", "summary": "2056052", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056052" }, { "category": "external", "summary": "2056126", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056126" }, { "category": "external", "summary": "2058264", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058264" }, { "category": "external", "summary": "2059521", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2059521" }, { "category": "external", "summary": "2059877", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2059877" }, { "category": "external", "summary": "2061904", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061904" }, { "category": "external", "summary": "2065052", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2065052" }, { "category": "external", "summary": "2066084", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066084" }, { "category": "external", "summary": "2066283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066283" }, { "category": "external", "summary": "2069972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069972" }, { "category": "external", "summary": "2070156", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2070156" }, { "category": "external", "summary": "2071468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2071468" }, { "category": "external", "summary": "2072637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072637" }, { "category": "external", "summary": "2072639", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072639" }, { "category": "external", "summary": "2072641", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072641" }, { "category": "external", "summary": "2072642", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072642" }, { "category": "external", "summary": "2072645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072645" }, { "category": "external", "summary": "2072646", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072646" }, { "category": "external", "summary": "2075352", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075352" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4711.json" } ], "title": "Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update", "tracking": { "current_release_date": "2024-11-06T00:56:07+00:00", "generator": { "date": "2024-11-06T00:56:07+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2022:4711", "initial_release_date": "2022-05-26T16:25:03+00:00", "revision_history": [ { "date": "2022-05-26T16:25:03+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-05-26T16:25:03+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T00:56:07+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product": { "name": "RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhev_manager:4.4:el8" } } } ], "category": "product_family", "name": "Red Hat Virtualization" }, { "branches": [ { "category": "product_version", "name": "ovirt-dependencies-0:4.5.1-1.el8ev.src", "product": { "name": "ovirt-dependencies-0:4.5.1-1.el8ev.src", "product_id": "ovirt-dependencies-0:4.5.1-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-dependencies@4.5.1-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-log-collector-0:4.4.5-1.el8ev.src", "product": { "name": "ovirt-log-collector-0:4.4.5-1.el8ev.src", "product_id": "ovirt-log-collector-0:4.4.5-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-log-collector@4.4.5-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "product": { "name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "product_id": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.13-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "engine-db-query-0:1.6.4-1.el8ev.src", "product": { "name": "engine-db-query-0:1.6.4-1.el8ev.src", "product_id": "engine-db-query-0:1.6.4-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/engine-db-query@1.6.4-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "product": { "name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "product_id": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/vdsm-jsonrpc-java@1.7.1-2.el8ev?arch=src" } } }, { "category": "product_version", "name": "apache-sshd-1:2.8.0-0.1.el8ev.src", "product": { "name": "apache-sshd-1:2.8.0-0.1.el8ev.src", "product_id": "apache-sshd-1:2.8.0-0.1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-sshd@2.8.0-0.1.el8ev?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "product": { "name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "product_id": "rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm-setup-plugins@4.5.0-2.el8ev?arch=src" } } }, { "category": "product_version", "name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "product": { "name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "product_id": "rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm-branding-rhv@4.4.11-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "product": { "name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "product_id": "ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.5.2-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-web-ui-0:1.8.1-2.el8ev.src", "product": { "name": "ovirt-web-ui-0:1.8.1-2.el8ev.src", "product_id": "ovirt-web-ui-0:1.8.1-2.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-web-ui@1.8.1-2.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "product": { "name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "product_id": "ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-metrics@1.6.0-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ansible-runner-0:2.1.3-1.el8ev.src", "product": { "name": "ansible-runner-0:2.1.3-1.el8ev.src", "product_id": "ansible-runner-0:2.1.3-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ansible-runner@2.1.3-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "product": { "name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "product_id": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.3-1.el8ev?arch=src" } } }, { "category": "product_version", "name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "product": { "name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "product_id": "ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine@4.5.0.7-0.9.el8ev?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "product": { "name": "ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "product_id": "ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-dependencies@4.5.1-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "product": { "name": "ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "product_id": "ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-log-collector@4.4.5-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "product": { "name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "product_id": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhv-log-collector-analyzer@1.0.13-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "engine-db-query-0:1.6.4-1.el8ev.noarch", "product": { "name": "engine-db-query-0:1.6.4-1.el8ev.noarch", "product_id": "engine-db-query-0:1.6.4-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/engine-db-query@1.6.4-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "product": { "name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "product_id": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/vdsm-jsonrpc-java@1.7.1-2.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", "product": { "name": "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", "product_id": "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/vdsm-jsonrpc-java-javadoc@1.7.1-2.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "apache-sshd-1:2.8.0-0.1.el8ev.noarch", "product": { "name": "apache-sshd-1:2.8.0-0.1.el8ev.noarch", "product_id": "apache-sshd-1:2.8.0-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-sshd@2.8.0-0.1.el8ev?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "product": { "name": "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "product_id": "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/apache-sshd-javadoc@2.8.0-0.1.el8ev?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "product": { "name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "product_id": "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm-setup-plugins@4.5.0-2.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "product": { "name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "product_id": "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm-branding-rhv@4.4.11-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "product": { "name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "product_id": "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dwh@4.5.2-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "product": { "name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "product_id": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dwh-grafana-integration-setup@4.5.2-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "product": { "name": "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "product_id": "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dwh-setup@4.5.2-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "product": { "name": "ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "product_id": "ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-web-ui@1.8.1-2.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "product": { "name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "product_id": "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-metrics@1.6.0-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ansible-runner-0:2.1.3-1.el8ev.noarch", "product": { "name": "ansible-runner-0:2.1.3-1.el8ev.noarch", "product_id": "ansible-runner-0:2.1.3-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ansible-runner@2.1.3-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "product": { "name": "python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "product_id": "python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python38-ansible-runner@2.1.3-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "product": { "name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "product_id": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.3-1.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-backend@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-dbscripts@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-health-check-bundler@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-restapi@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-base@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-imageio@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-tools@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-tools-backup@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-webadmin-portal@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/ovirt-engine-websocket-proxy@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-ovirt-engine-lib@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "rhvm-0:4.5.0.7-0.9.el8ev.noarch", "product": { "name": "rhvm-0:4.5.0.7-0.9.el8ev.noarch", "product_id": "rhvm-0:4.5.0.7-0.9.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhvm@4.5.0.7-0.9.el8ev?arch=noarch" } } }, { "category": "product_version", "name": "python38-docutils-0:0.14-12.4.el8ev.noarch", "product": { "name": "python38-docutils-0:0.14-12.4.el8ev.noarch", "product_id": "python38-docutils-0:0.14-12.4.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python38-docutils@0.14-12.4.el8ev?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "ansible-runner-0:2.1.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch" }, "product_reference": "ansible-runner-0:2.1.3-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ansible-runner-0:2.1.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src" }, "product_reference": "ansible-runner-0:2.1.3-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-sshd-1:2.8.0-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch" }, "product_reference": "apache-sshd-1:2.8.0-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-sshd-1:2.8.0-0.1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src" }, "product_reference": "apache-sshd-1:2.8.0-0.1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch" }, "product_reference": "apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "engine-db-query-0:1.6.4-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch" }, "product_reference": "engine-db-query-0:1.6.4-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "engine-db-query-0:1.6.4-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src" }, "product_reference": "engine-db-query-0:1.6.4-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-dependencies-0:4.5.1-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch" }, "product_reference": "ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-dependencies-0:4.5.1-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src" }, "product_reference": "ovirt-dependencies-0:4.5.1-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-0:4.5.0.7-0.9.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src" }, "product_reference": "ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch" }, "product_reference": "ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dwh-0:4.5.2-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src" }, "product_reference": "ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch" }, "product_reference": "ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch" }, "product_reference": "ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch" }, "product_reference": "ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-metrics-0:1.6.0-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src" }, "product_reference": "ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch" }, "product_reference": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src" }, "product_reference": "ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-log-collector-0:4.4.5-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch" }, "product_reference": "ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-log-collector-0:4.4.5-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src" }, "product_reference": "ovirt-log-collector-0:4.4.5-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-web-ui-0:1.8.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch" }, "product_reference": "ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "ovirt-web-ui-0:1.8.1-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src" }, "product_reference": "ovirt-web-ui-0:1.8.1-2.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python38-ansible-runner-0:2.1.3-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch" }, "product_reference": "python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python38-docutils-0:0.14-12.4.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch" }, "product_reference": "python38-docutils-0:0.14-12.4.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch" }, "product_reference": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src" }, "product_reference": "rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-0:4.5.0.7-0.9.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch" }, "product_reference": "rhvm-0:4.5.0.7-0.9.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch" }, "product_reference": "rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-branding-rhv-0:4.4.11-1.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src" }, "product_reference": "rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch" }, "product_reference": "rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "rhvm-setup-plugins-0:4.5.0-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src" }, "product_reference": "rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch" }, "product_reference": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src" }, "product_reference": "vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "relates_to_product_reference": "8Base-RHV-S-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch as a component of RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4", "product_id": "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch" }, "product_reference": "vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-S-4.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-3807", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-09-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2007557" } ], "notes": [ { "category": "description", "text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3807" }, { "category": "external", "summary": "RHBZ#2007557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3807" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" }, { "category": "external", "summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994", "url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994" } ], "release_date": "2021-09-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-05-26T16:25:03+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:4711" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes" }, { "cve": "CVE-2021-23425", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-08-18T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1995793" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-trim-off-newlines. All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-trim-off-newlines: ReDoS via string processing", "title": "Vulnerability summary" }, { "category": "other", "text": "The Red Hat Directory Server 11 Web UI requires trim-off-newlines as a dependency, but it is not used in the 389-ds cockpit plugin, and not shipped as part of the RPM binary. Thus Red Hat Directory Server 11 is not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23425" }, { "category": "external", "summary": "RHBZ#1995793", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995793" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23425", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23425" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23425", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23425" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850", "url": "https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850" } ], "release_date": "2021-05-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-05-26T16:25:03+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:4711" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-trim-off-newlines: ReDoS via string processing" }, { "cve": "CVE-2021-33502", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-05-24T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1964461" } ], "notes": [ { "category": "description", "text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-normalize-url: ReDoS for data URLs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-33502" }, { "category": "external", "summary": "RHBZ#1964461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33502" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539", "url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539" } ], "release_date": "2021-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-05-26T16:25:03+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:4711" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-normalize-url: ReDoS for data URLs" }, { "cve": "CVE-2021-41182", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2021-10-26T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2019144" } ], "notes": [ { "category": "description", "text": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery-ui: XSS in the altField option of the datepicker widget", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-41182" }, { "category": "external", "summary": "RHBZ#2019144", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019144" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-41182", "url": "https://www.cve.org/CVERecord?id=CVE-2021-41182" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41182", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41182" } ], "release_date": "2021-10-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-05-26T16:25:03+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:4711" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery-ui: XSS in the altField option of the datepicker widget" }, { "cve": "CVE-2021-41183", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2021-10-26T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2019148" } ], "notes": [ { "category": "description", "text": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery-ui: XSS in *Text options of the datepicker widget", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-41183" }, { "category": "external", "summary": "RHBZ#2019148", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019148" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-41183", "url": "https://www.cve.org/CVERecord?id=CVE-2021-41183" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41183", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41183" } ], "release_date": "2021-10-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-05-26T16:25:03+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:4711" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery-ui: XSS in *Text options of the datepicker widget" }, { "cve": "CVE-2021-41184", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2021-10-26T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2019153" } ], "notes": [ { "category": "description", "text": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery-ui: XSS in the \u0027of\u0027 option of the .position() util", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch" ], "known_not_affected": [ "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ansible-runner-0:2.1.3-1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:apache-sshd-1:2.8.0-0.1.el8ev.src", "8Base-RHV-S-4.4:apache-sshd-javadoc-1:2.8.0-0.1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.noarch", "8Base-RHV-S-4.4:engine-db-query-0:1.6.4-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-dependencies-0:4.5.1-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-0:4.5.2-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-dwh-grafana-integration-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dwh-setup-0:4.5.2-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-metrics-0:1.6.0-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-ui-extensions-0:1.3.3-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-log-collector-0:4.4.5-1.el8ev.src", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-web-ui-0:1.8.1-2.el8ev.src", "8Base-RHV-S-4.4:python38-ansible-runner-0:2.1.3-1.el8ev.noarch", "8Base-RHV-S-4.4:python38-docutils-0:0.14-12.4.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.noarch", "8Base-RHV-S-4.4:rhv-log-collector-analyzer-0:1.0.13-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-branding-rhv-0:4.4.11-1.el8ev.src", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-setup-plugins-0:4.5.0-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.noarch", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-0:1.7.1-2.el8ev.src", "8Base-RHV-S-4.4:vdsm-jsonrpc-java-javadoc-0:1.7.1-2.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-41184" }, { "category": "external", "summary": "RHBZ#2019153", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019153" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-41184", "url": "https://www.cve.org/CVERecord?id=CVE-2021-41184" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41184", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41184" } ], "release_date": "2021-10-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-05-26T16:25:03+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:4711" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-0:4.5.0.7-0.9.el8ev.src", "8Base-RHV-S-4.4:ovirt-engine-backend-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-dbscripts-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-health-check-bundler-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-restapi-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-base-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-cinderlib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-imageio-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-ovirt-engine-common-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-setup-plugin-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-tools-backup-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-vmconsole-proxy-helper-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-webadmin-portal-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:ovirt-engine-websocket-proxy-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:python3-ovirt-engine-lib-0:4.5.0.7-0.9.el8ev.noarch", "8Base-RHV-S-4.4:rhvm-0:4.5.0.7-0.9.el8ev.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jquery-ui: XSS in the \u0027of\u0027 option of the .position() util" } ] }
rhsa-2022_0246
Vulnerability from csaf_redhat
Published
2022-01-25 09:28
Modified
2024-11-06 00:22
Summary
Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (14.18.2), nodejs-nodemon (2.0.15). (BZ#2027608)
Security Fix(es):
* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)
* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)
* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)
* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)
* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)
* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (14.18.2), nodejs-nodemon (2.0.15). (BZ#2027608)\n\nSecurity Fix(es):\n\n* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)\n\n* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37701)\n\n* nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite (CVE-2021-37712)\n\n* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)\n\n* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:0246", "url": "https://access.redhat.com/errata/RHSA-2022:0246" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1907444", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444" }, { "category": "external", "summary": "1945459", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459" }, { "category": "external", "summary": "1964461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461" }, { "category": "external", "summary": "1999731", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731" }, { "category": "external", "summary": "1999739", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739" }, { "category": "external", "summary": "2007557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557" }, { "category": "external", "summary": "2014057", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057" }, { "category": "external", "summary": "2014059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059" }, { "category": "external", "summary": "2024702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0246.json" } ], "title": "Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-06T00:22:33+00:00", "generator": { "date": "2024-11-06T00:22:33+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2022:0246", "initial_release_date": "2022-01-25T09:28:51+00:00", "revision_history": [ { "date": "2022-01-25T09:28:51+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-01-25T09:28:51+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T00:22:33+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product": { "name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:8.4::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nodejs:14:8040020211213111158:522a0ee4", "product": { "name": "nodejs:14:8040020211213111158:522a0ee4", "product_id": "nodejs:14:8040020211213111158:522a0ee4", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/nodejs@14:8040020211213111158:522a0ee4" } } }, { "category": "product_version", "name": "nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "product": { "name": "nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "product_id": "nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-docs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "product": { "name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.4.0%2B13503%2Bfc29810b?arch=noarch" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "product": { "name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "product_id": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "product": { "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "product": { "name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "product": { "name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "product_id": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "product": { "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "product": { "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "product": { "name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "product_id": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "product": { "name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.4.0%2B13503%2Bfc29810b?arch=src" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product": { "name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product_id": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product": { "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product": { "name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product": { "name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product_id": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product": { "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product": { "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "product": { "name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "product_id": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "product": { "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "product": { "name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "product": { "name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "product_id": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "product": { "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "product": { "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "product": { "name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "product_id": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "product": { "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "product_id": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "product": { "name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "product_id": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "product": { "name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "product_id": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "product": { "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "product_id": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.18.2-2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64", "product": { "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64", "product_id": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.15-1.14.18.2.2.module%2Bel8.4.0%2B13643%2B6c0ebf22?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, "product_reference": "nodejs:14:8040020211213111158:522a0ee4", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64" }, "product_reference": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le" }, "product_reference": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x" }, "product_reference": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src" }, "product_reference": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64" }, "product_reference": "nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64" }, "product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le" }, "product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x" }, "product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64" }, "product_reference": "nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64" }, "product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le" }, "product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x" }, "product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64" }, "product_reference": "nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64" }, "product_reference": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le" }, "product_reference": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x" }, "product_reference": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64" }, "product_reference": "nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch" }, "product_reference": "nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64" }, "product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le" }, "product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x" }, "product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64" }, "product_reference": "nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch" }, "product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src" }, "product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64" }, "product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le" }, "product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x" }, "product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64 as a component of nodejs:14:8040020211213111158:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" }, "product_reference": "npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-7788", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-12-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1907444" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-ini. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ini: Prototype pollution via malicious INI file", "title": "Vulnerability summary" }, { "category": "other", "text": "Node.JS packages in Red Hat Enterprise Linux and Red Hat Software Collections included the vulnerable dependency packaged in \"nodejs-npm\" component. Processing malicious files using npm could potentially trigger this vulnerability. The \"ini\" package bundled with npm was not in the library path where it could be included directly in other programs.\n\nThe nodejs-nodemon packages in Red Hat Enterprise Linux and Red Hat Software Collections are affected by this vulnerability as they bundle the nodejs-ini library. Usage of that library is governed by nodemon itself, so applications started by nodemon are not impacted. Further, nodemon is a developer tool not intended to be used in production.\n\nThe ini package is included in Red Hat Quay by protractor and webpack-cli, both of which are dev dependencies.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-7788" }, { "category": "external", "summary": "RHBZ#1907444", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7788", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7788" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788" } ], "release_date": "2020-12-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-25T09:28:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0246" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-ini: Prototype pollution via malicious INI file" }, { "cve": "CVE-2020-28469", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1945459" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent function. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-glob-parent: Regular expression denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "While some components do package a vulnerable version of glob-parent, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM)\n - Red Hat Advanced Cluster Management for Kubernetes (RHACM)\n - OpenShift distributed tracing", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-28469" }, { "category": "external", "summary": "RHBZ#1945459", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28469", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28469" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905", "url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905" } ], "release_date": "2021-01-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-25T09:28:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0246" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-glob-parent: Regular expression denial of service" }, { "cve": "CVE-2021-3807", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-09-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2007557" } ], "notes": [ { "category": "description", "text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3807" }, { "category": "external", "summary": "RHBZ#2007557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3807" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" }, { "category": "external", "summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994", "url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994" } ], "release_date": "2021-09-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-25T09:28:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0246" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes" }, { "cve": "CVE-2021-3918", "cwe": { "id": "CWE-915", "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes" }, "discovery_date": "2021-11-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2024702" } ], "notes": [ { "category": "description", "text": "The json-schema Node.JS library was vulnerable to prototype pollution during the validation of a JSON object. An attacker, able to provide a specially crafted JSON file for validation, could use this flaw to modify the behavior of the node program, to, for example, execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-json-schema: Prototype pollution vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "npm versions 8.0.0 and older provide a vulnerable version of the json-schema library. However, it is currently believed that in the context of npm, it is not possible to take advantage of the vulnerability.\n\nRed Hat Enterprise Linux version 8 and Software Collections provide a vulnerable version of the json-schema library only as embedded in the npm package. As a result, the severity of the incident has been lowered for these 2 products.\n\nRed Hat Quay includes json-schema as a development dependency of quay-registry-container. As a result, the impact rating has been lowered to Moderate.\n\nIn Red Hat OpenShift Container Platform (RHOCP), Red Hat Openshift Data Foundations (ODF), Red Hat distributed tracing, Migration Toolkit for Virtualization (MTV) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are behind OpenShift OAuth. This restricts access to the vulnerable json-schema library to authenticated users only, therefore the impact is reduced to Moderate.\n\nIn Red Hat Openshift Data Foundations (ODF) the odf4/mcg-core-rhel8 component has \"Will not fix status\", but starting from ODF 4.11 stream this component contains already patched version of the json-schema library. Earlier version of ODF are already under Maintenance Support phase, hence this vulnerability will not be fixed.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3918" }, { "category": "external", "summary": "RHBZ#2024702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3918", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3918" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918" } ], "release_date": "2021-10-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-25T09:28:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0246" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nodejs-json-schema: Prototype pollution vulnerability" }, { "cve": "CVE-2021-22959", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2021-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2014057" } ], "notes": [ { "category": "description", "text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. Spaces as part of the header names were accepted as valid. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "llhttp: HTTP Request Smuggling due to spaces in headers", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-22959" }, { "category": "external", "summary": "RHBZ#2014057", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-22959", "url": "https://www.cve.org/CVERecord?id=CVE-2021-22959" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/" } ], "release_date": "2021-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-25T09:28:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0246" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "llhttp: HTTP Request Smuggling due to spaces in headers" }, { "cve": "CVE-2021-22960", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2021-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2014059" } ], "notes": [ { "category": "description", "text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. During the parsing of chunked messages, the chunk size parameter was not validated properly. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-22960" }, { "category": "external", "summary": "RHBZ#2014059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-22960", "url": "https://www.cve.org/CVERecord?id=CVE-2021-22960" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/" } ], "release_date": "2021-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-25T09:28:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0246" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests" }, { "cve": "CVE-2021-33502", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-05-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1964461" } ], "notes": [ { "category": "description", "text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-normalize-url: ReDoS for data URLs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-33502" }, { "category": "external", "summary": "RHBZ#1964461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33502" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539", "url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539" } ], "release_date": "2021-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-25T09:28:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0246" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-normalize-url: ReDoS for data URLs" }, { "cve": "CVE-2021-37701", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2021-08-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1999731" } ], "notes": [ { "category": "description", "text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain both a directory and a symlink with the same name, where the symlink and directory names in the archive entry used backslashes as a path separator, made it possible to bypass node-tar symlink checks on directories. This flaw allows an untrusted tar file to extract and overwrite files into an arbitrary location. A similar confusion can arise on case-insensitive filesystems. The highest threat from this vulnerability is to integrity and system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-37701" }, { "category": "external", "summary": "RHBZ#1999731", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999731" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37701", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37701" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37701" }, { "category": "external", "summary": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc", "url": "https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc" }, { "category": "external", "summary": "https://www.npmjs.com/advisories/1779", "url": "https://www.npmjs.com/advisories/1779" } ], "release_date": "2021-08-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-25T09:28:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0246" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite" }, { "cve": "CVE-2021-37712", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2021-08-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1999739" } ], "notes": [ { "category": "description", "text": "A flaw was found in the npm package \"tar\" (aka node-tar). Extracting tar files that contain two directories and a symlink with names containing Unicode values that normalize to the same value on Windows systems made it possible to bypass node-tar symlink checks on directories. This allows an untrusted tar file to extract and overwrite files into an arbitrary location. The highest threat from this vulnerability is to integrity and system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux version 8 and Red Hat Software Collection both embed `node-tar` in the npm command. However, npm explicitly prevents the extraction of symlink via a filter. npm might still be affected via node-gyp, if the attacker is able to control the target URL.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-37712" }, { "category": "external", "summary": "RHBZ#1999739", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1999739" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37712", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37712" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37712" }, { "category": "external", "summary": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p", "url": "https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p" }, { "category": "external", "summary": "https://www.npmjs.com/advisories/1780", "url": "https://www.npmjs.com/advisories/1780" } ], "release_date": "2021-08-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-01-25T09:28:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0246" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debuginfo-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-debugsource-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-devel-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-docs-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-full-i18n-1:14.18.2-2.module+el8.4.0+13643+6c0ebf22.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-nodemon-0:2.0.15-1.module+el8.4.0+13503+fc29810b.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020211213111158:522a0ee4:npm-1:6.14.15-1.14.18.2.2.module+el8.4.0+13643+6c0ebf22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-tar: Insufficient symlink protection due to directory cache poisoning using symbolic links allowing arbitrary file creation and overwrite" } ] }
rhsa-2021_2932
Vulnerability from csaf_redhat
Published
2021-07-28 08:38
Modified
2024-11-05 23:48
Summary
Red Hat Security Advisory: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update
Notes
Topic
An update for rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: rh-nodejs14-nodejs (14.17.2).
Security Fix(es):
* nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl() (CVE-2021-23362)
* nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode (CVE-2021-27290)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* libuv: out-of-bounds read in uv__idna_toascii() can lead to information disclosures or crashes (CVE-2021-22918)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* ECDHE ciphers missing in rh-nodejs14 (BZ#1942591)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: rh-nodejs14-nodejs (14.17.2).\n\nSecurity Fix(es):\n\n* nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl() (CVE-2021-23362)\n\n* nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode (CVE-2021-27290)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* libuv: out-of-bounds read in uv__idna_toascii() can lead to information disclosures or crashes (CVE-2021-22918)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* ECDHE ciphers missing in rh-nodejs14 (BZ#1942591)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:2932", "url": "https://access.redhat.com/errata/RHSA-2021:2932" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1941471", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941471" }, { "category": "external", "summary": "1942591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942591" }, { "category": "external", "summary": "1943208", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943208" }, { "category": "external", "summary": "1964461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461" }, { "category": "external", "summary": "1979338", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1979338" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2932.json" } ], "title": "Red Hat Security Advisory: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update", "tracking": { "current_release_date": "2024-11-05T23:48:07+00:00", "generator": { "date": "2024-11-05T23:48:07+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2021:2932", "initial_release_date": "2021-07-28T08:38:46+00:00", "revision_history": [ { "date": "2021-07-28T08:38:46+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-07-28T08:38:46+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T23:48:07+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } } ], "category": "product_family", "name": "Red Hat Software Collections" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "product": { "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "product_id": "rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.17.2-1.el7?arch=src" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "product": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "product_id": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-nodemon@2.0.3-2.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "product": { "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "product_id": "rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.17.2-1.el7?arch=x86_64" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "product": { "name": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "product_id": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-devel@14.17.2-1.el7?arch=x86_64" } } }, { "category": "product_version", "name": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "product": { "name": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "product_id": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-npm@6.14.13-14.17.2.1.el7?arch=x86_64" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "product": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "product_id": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-debuginfo@14.17.2-1.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "product": { "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "product_id": "rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.17.2-1.el7?arch=s390x" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "product": { "name": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "product_id": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-devel@14.17.2-1.el7?arch=s390x" } } }, { "category": "product_version", "name": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "product": { "name": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "product_id": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-npm@6.14.13-14.17.2.1.el7?arch=s390x" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "product": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "product_id": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-debuginfo@14.17.2-1.el7?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "product": { "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "product_id": "rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.17.2-1.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "product": { "name": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "product_id": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-devel@14.17.2-1.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "product": { "name": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "product_id": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-npm@6.14.13-14.17.2.1.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "product": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "product_id": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-debuginfo@14.17.2-1.el7?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "product": { "name": "rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "product_id": "rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-docs@14.17.2-1.el7?arch=noarch" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "product": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "product_id": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-nodemon@2.0.3-2.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.src" }, "product_reference": "rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch" }, "product_reference": "rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch" }, "product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src" }, "product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le" }, "product_reference": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x" }, "product_reference": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64" }, "product_reference": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src" }, "product_reference": "rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch" }, "product_reference": "rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch" }, "product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src" }, "product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le" }, "product_reference": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x" }, "product_reference": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64" }, "product_reference": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src" }, "product_reference": "rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch" }, "product_reference": "rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch" }, "product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src" }, "product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le" }, "product_reference": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x" }, "product_reference": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64" }, "product_reference": "rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.7" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-22918", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2021-07-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1979338" } ], "notes": [ { "category": "description", "text": "A flaw has been found in libuv. Node.js is vulnerable to out-of-bounds read in libuv\u0027s uv__idna_toascii() function which is used to convert strings to ASCII which is called by Node\u0027s DNS module\u0027s lookup() function and can lead to information disclosures or crashes. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "libuv: out-of-bounds read in uv__idna_toascii() can lead to information disclosures or crashes", "title": "Vulnerability summary" }, { "category": "other", "text": "As distributed by Red Hat, a maximum of 3 bytes out of bound can be read. This would not be sufficient to crash nodejs or other applications using libuv, unless it was recompiled using an address sanitizer. The memory disclosure is also very limited.\n\nRed Hat Quay version 3.5 does not ship nodejs. Red Hat Quay version 3.4 consumes the nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because they don\u0027t use nodejs as a HTTP server.\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-22918" }, { "category": "external", "summary": "RHBZ#1979338", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1979338" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-22918", "url": "https://www.cve.org/CVERecord?id=CVE-2021-22918" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22918", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22918" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/" } ], "release_date": "2021-07-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-07-28T08:38:46+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2932" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "libuv: out-of-bounds read in uv__idna_toascii() can lead to information disclosures or crashes" }, { "cve": "CVE-2021-23362", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1943208" } ], "notes": [ { "category": "description", "text": "A regular expression denial of service vulnerability was found in hosted-git-info. If an application allows user input into the affected regular expression (regexp) function, `shortcutMatch` or `fromUrl`, then an attacker could craft a regexp which takes an ever increasing amount of time to process, potentially resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()", "title": "Vulnerability summary" }, { "category": "other", "text": "While some components do package a vulnerable version of hosted-git-info, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM)\n - Red Hat Advanced Cluster Management for Kubernetes (RHACM)\n\nSpecifically the following components:\n - The OCP hive-container does ship the vulnerable component, however since OCP 4.6 the Metering product has been deprecated [1], set as wont-fix and may be fixed in a future release.\n\nRed Hat Ceph Storage (RHCS) 4 packages a version of nodejs-hosted-git-info which is vulnerable to this flaw in the grafana-container shipped with it. \n\nRed Hat Quay includes hosted-git-info as a dependency of karma-coverage which is only used at development time. The hosted-git-info library is not used at runtime so the impact is low for Red Hat Quay.\n\nRed Hat Virtualization includes a vulnerable version of hosted-git-info, however it is only used during development. The hosted-git-info library is not used at runtime thus impact is rated Low and marked as \"wontfix\" at this time. Future updates may address this flaw.\n\n[1] - https://access.redhat.com/solutions/5707561", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23362" }, { "category": "external", "summary": "RHBZ#1943208", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943208" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23362", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23362" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23362", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23362" } ], "release_date": "2021-03-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-07-28T08:38:46+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2932" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()" }, { "cve": "CVE-2021-27290", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2021-03-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1941471" } ], "notes": [ { "category": "description", "text": "A flaw was found in ssri package. A malicious string provided by an attacker may lead to Regular Expression Denial of Service (ReDoS). This issue only affects consumers\r\nusing the strict option. The highest threat from this vulnerability is to availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode", "title": "Vulnerability summary" }, { "category": "other", "text": "Whilst the OpenShift ServiceMesh (OSSM) servicemesh-grafana and servicemesh-prometheus include the vulnerable ssri library, the vulnerable \"strict\" option is not used. Similar to OSSM, OpenShift Container Platform (OCP), Red Hat Advance Cluster Management for Kubernetes (RHACM) and OpenShift distributed tracing components include the vulnerable ssri library but the \"strict\" option is not used. Additionally access to the vulnerable library is protected by OpenShift OAuth what reducing impact by this flaw to LOW. Therefore these OSSM, OCP, RHACM and OpenShift distributed tracing components have been marked as wont-fix and may be addressed in a future updates.\n\nRed Hat Virtualization includes ssri in cockpit-ovirt, ovirt-web-ui and ovirt-engine-ui-extensions, but the vulnerable \"strict\" option is not used. Additionally access to the vulnerable library is protected by RHV authentication. Therefore the impact of this flaw for RHV has been reduced to LOW and components have been marked as wont-fix and may be addressed in a future update.\n\nRed Hat Quay includes ssri as a dependency of webpack which is only used at build time. The library is not used at runtime, reducing the impact of this vulnerability to low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-27290" }, { "category": "external", "summary": "RHBZ#1941471", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941471" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-27290", "url": "https://www.cve.org/CVERecord?id=CVE-2021-27290" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27290", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27290" } ], "release_date": "2021-03-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-07-28T08:38:46+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2932" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode" }, { "cve": "CVE-2021-33502", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-05-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1964461" } ], "notes": [ { "category": "description", "text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-normalize-url: ReDoS for data URLs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-33502" }, { "category": "external", "summary": "RHBZ#1964461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33502" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539", "url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539" } ], "release_date": "2021-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-07-28T08:38:46+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2932" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-debuginfo-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-devel-0:14.17.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-docs-0:14.17.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs14-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs14-npm-0:6.14.13-14.17.2.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-normalize-url: ReDoS for data URLs" } ] }
rhsa-2021_3016
Vulnerability from csaf_redhat
Published
2021-08-06 00:48
Modified
2024-11-05 23:49
Summary
Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes version 2.3
Notes
Topic
Red Hat Advanced Cluster Management for Kubernetes 2.3.0 General
Availability release images, which fix several bugs and security issues.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE links in the References section.
Details
Red Hat Advanced Cluster Management for Kubernetes 2.3.0 images
Red Hat Advanced Cluster Management for Kubernetes provides the
capabilities to address common challenges that administrators and site
reliability engineers face as they work across a range of public and
private cloud environments. Clusters and applications are all visible and
managed from a single console—with security policy built in.
This advisory contains the container images for Red Hat Advanced Cluster
Management for Kubernetes, which fix several bugs and security issues. See
the following Release Notes documentation, which will be updated shortly
for this release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana
gement_for_kubernetes/2.3/html/release_notes/
Security:
* fastify-reply-from: crafted URL allows prefix scape of the proxied backend service (CVE-2021-21321)
* fastify-http-proxy: crafted URL allows prefix scape of the proxied
backend service (CVE-2021-21322)
* nodejs-netmask: improper input validation of octal input data (CVE-2021-28918)
* redis: Integer overflow via STRALGO LCS command (CVE-2021-29477)
* redis: Integer overflow via COPY command for large intsets (CVE-2021-29478)
* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)
* nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions
(CVE-2020-28500)
* golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension (CVE-2020-28851)
* golang.org/x/text: Panic in language.ParseAcceptLanguage while processing
bcp47 tag (CVE-2020-28852)
* nodejs-ansi_up: XSS due to insufficient URL sanitization (CVE-2021-3377)
* oras: zip-slip vulnerability via oras-pull (CVE-2021-21272)
* redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms (CVE-2021-21309)
* nodejs-lodash: command injection via template (CVE-2021-23337)
* nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl() (CVE-2021-23362)
* browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS) (CVE-2021-23364)
* nodejs-postcss: Regular expression denial of service during source map parsing (CVE-2021-23368)
* nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option (CVE-2021-23369)
* nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js (CVE-2021-23382)
* nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option (CVE-2021-23383)
* openssl: integer overflow in CipherUpdate (CVE-2021-23840)
* openssl: NULL pointer dereference in X509_issuer_and_serial_hash()
(CVE-2021-23841)
* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)
* grafana: snapshot feature allow an unauthenticated remote attacker to trigger a DoS via a remote API call (CVE-2021-27358)
* nodejs-is-svg: ReDoS via malicious string (CVE-2021-28092)
* nodejs-netmask: incorrectly parses an IP address that has octal integer with invalid character (CVE-2021-29418)
* ulikunitz/xz: Infinite loop in readUvarint allows for denial of service (CVE-2021-29482)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* nodejs-trim-newlines: ReDoS in .end() method (CVE-2021-33623)
* nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe (CVE-2021-23343)
* html-parse-stringify: Regular Expression DoS (CVE-2021-23346)
* openssl: incorrect SSLv2 rollback protection (CVE-2021-23839)
For more details about the security issues, including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
pages listed in the References section.
Bugs:
* RFE Make the source code for the endpoint-metrics-operator public (BZ# 1913444)
* cluster became offline after apiserver health check (BZ# 1942589)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat Advanced Cluster Management for Kubernetes 2.3.0 General\nAvailability release images, which fix several bugs and security issues. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Advanced Cluster Management for Kubernetes 2.3.0 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in.\n\nThis advisory contains the container images for Red Hat Advanced Cluster\nManagement for Kubernetes, which fix several bugs and security issues. See\nthe following Release Notes documentation, which will be updated shortly\nfor this release, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana\ngement_for_kubernetes/2.3/html/release_notes/\n\nSecurity:\n\n* fastify-reply-from: crafted URL allows prefix scape of the proxied backend service (CVE-2021-21321)\n\n* fastify-http-proxy: crafted URL allows prefix scape of the proxied\nbackend service (CVE-2021-21322)\n\n* nodejs-netmask: improper input validation of octal input data (CVE-2021-28918)\n\n* redis: Integer overflow via STRALGO LCS command (CVE-2021-29477)\n\n* redis: Integer overflow via COPY command for large intsets (CVE-2021-29478)\n\n* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n* nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions\n(CVE-2020-28500)\n\n* golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension (CVE-2020-28851)\n\n* golang.org/x/text: Panic in language.ParseAcceptLanguage while processing\nbcp47 tag (CVE-2020-28852)\n\n* nodejs-ansi_up: XSS due to insufficient URL sanitization (CVE-2021-3377)\n\n* oras: zip-slip vulnerability via oras-pull (CVE-2021-21272)\n\n* redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms (CVE-2021-21309)\n\n* nodejs-lodash: command injection via template (CVE-2021-23337)\n\n* nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl() (CVE-2021-23362)\n\n* browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS) (CVE-2021-23364)\n\n* nodejs-postcss: Regular expression denial of service during source map parsing (CVE-2021-23368)\n\n* nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option (CVE-2021-23369)\n\n* nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js (CVE-2021-23382)\n\n* nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option (CVE-2021-23383)\n\n* openssl: integer overflow in CipherUpdate (CVE-2021-23840)\n\n* openssl: NULL pointer dereference in X509_issuer_and_serial_hash()\n(CVE-2021-23841)\n\n* nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292)\n\n* grafana: snapshot feature allow an unauthenticated remote attacker to trigger a DoS via a remote API call (CVE-2021-27358)\n\n* nodejs-is-svg: ReDoS via malicious string (CVE-2021-28092)\n\n* nodejs-netmask: incorrectly parses an IP address that has octal integer with invalid character (CVE-2021-29418)\n\n* ulikunitz/xz: Infinite loop in readUvarint allows for denial of service (CVE-2021-29482)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* nodejs-trim-newlines: ReDoS in .end() method (CVE-2021-33623)\n\n* nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe (CVE-2021-23343)\n\n* html-parse-stringify: Regular Expression DoS (CVE-2021-23346)\n\n* openssl: incorrect SSLv2 rollback protection (CVE-2021-23839)\n\nFor more details about the security issues, including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npages listed in the References section.\n\nBugs:\n\n* RFE Make the source code for the endpoint-metrics-operator public (BZ# 1913444)\n\n* cluster became offline after apiserver health check (BZ# 1942589)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:3016", "url": "https://access.redhat.com/errata/RHSA-2021:3016" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1913333", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333" }, { "category": "external", "summary": "1913338", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338" }, { "category": "external", "summary": "1913444", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913444" }, { "category": "external", "summary": "1921286", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921286" }, { "category": "external", "summary": "1927520", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927520" }, { "category": "external", "summary": "1928937", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928937" }, { "category": "external", "summary": "1928954", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928954" }, { "category": "external", "summary": "1930294", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930294" }, { "category": "external", "summary": "1930310", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930310" }, { "category": "external", "summary": "1930324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930324" }, { "category": "external", "summary": "1932634", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932634" }, { "category": "external", "summary": "1936427", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1936427" }, { "category": "external", "summary": "1939103", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939103" }, { "category": "external", "summary": "1940196", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940196" }, { "category": "external", "summary": "1940613", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613" }, { "category": "external", "summary": "1941024", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941024" }, { "category": "external", "summary": "1941675", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941675" }, { "category": "external", "summary": "1942178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942178" }, { "category": "external", "summary": "1942182", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942182" }, { "category": "external", "summary": "1942589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942589" }, { "category": "external", "summary": "1943208", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943208" }, { "category": "external", "summary": "1944822", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944822" }, { "category": "external", "summary": "1944827", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944827" }, { "category": "external", "summary": "1945459", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459" }, { "category": "external", "summary": "1948761", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948761" }, { "category": "external", "summary": "1948763", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948763" }, { "category": "external", "summary": "1954150", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954150" }, { "category": "external", "summary": "1954368", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954368" }, { "category": "external", "summary": "1955619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955619" }, { "category": "external", "summary": "1956688", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956688" }, { "category": "external", "summary": "1956818", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956818" }, { "category": "external", "summary": "1957410", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957410" }, { "category": "external", "summary": "1957414", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957414" }, { "category": "external", "summary": "1964461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461" }, { "category": "external", "summary": "1966615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966615" }, { "category": "external", "summary": "1968122", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1968122" }, { "category": "external", "summary": "1972703", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1972703" }, { "category": "external", "summary": "1983131", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983131" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3016.json" } ], "title": "Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes version 2.3", "tracking": { "current_release_date": "2024-11-05T23:49:56+00:00", "generator": { "date": "2024-11-05T23:49:56+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2021:3016", "initial_release_date": "2021-08-06T00:48:52+00:00", "revision_history": [ { "date": "2021-08-06T00:48:52+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-08-06T00:48:52+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T23:49:56+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product": { "name": "Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:acm:2.3::el8" } } }, { "category": "product_name", "name": "Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 7", "product": { "name": "Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 7", "product_id": "7Server-RHACM-2.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:acm:2.3::el7" } } } ], "category": "product_family", "name": "Red Hat ACM" }, { "branches": [ { "category": "product_version", "name": "rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "product": { "name": "rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "product_id": "rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.3.0-38" } } }, { "category": "product_version", "name": "rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "product": { "name": "rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "product_id": "rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.3.0-33" } } }, { "category": "product_version", "name": "rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "product": { "name": "rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "product_id": "rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.3.0-197" } } }, { "category": "product_version", "name": "rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "product": { "name": "rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "product_id": "rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "product_identification_helper": { "purl": "pkg:oci/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/application-ui-rhel8\u0026tag=v2.3.0-120" } } }, { "category": "product_version", "name": "rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "product": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "product_id": "rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "product_identification_helper": { "purl": "pkg:oci/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.3.0-44" } } }, { "category": "product_version", "name": "rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "product": { "name": "rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "product_id": "rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cluster-curator-controller-rhel8\u0026tag=v2.3.0-41" } } }, { "category": "product_version", "name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "product": { "name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "product_id": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "product_identification_helper": { "purl": "pkg:oci/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/clusterlifecycle-state-metrics-rhel8\u0026tag=v2.3.0-43" } } }, { "category": "product_version", "name": "rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "product": { "name": "rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "product_id": "rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "product_identification_helper": { "purl": "pkg:oci/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.3.0-55" } } }, { "category": "product_version", "name": "rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "product": { "name": "rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "product_id": "rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "product_identification_helper": { "purl": "pkg:oci/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/console-api-rhel8\u0026tag=v2.3.0-63" } } }, { "category": "product_version", "name": "rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "product": { "name": "rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "product_id": "rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "product_identification_helper": { "purl": "pkg:oci/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.3.0-127" } } }, { "category": "product_version", "name": "rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "product": { "name": "rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "product_id": "rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "product_identification_helper": { "purl": "pkg:oci/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/discovery-rhel8-operator\u0026tag=v2.3.0-59" } } }, { "category": "product_version", "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "product": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "product_identification_helper": { "purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.3.0-49" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "product": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.3.0-43" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "product": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.3.0-38" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "product": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.3.0-41" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "product": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.3.0-37" } } }, { "category": "product_version", "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "product": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "product_identification_helper": { "purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.3.0-40" } } }, { "category": "product_version", "name": "rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "product": { "name": "rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "product_id": "rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "product_identification_helper": { "purl": "pkg:oci/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/grc-ui-api-rhel8\u0026tag=v2.3.0-58" } } }, { "category": "product_version", "name": "rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "product": { "name": "rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "product_id": "rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "product_identification_helper": { "purl": "pkg:oci/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/grc-ui-rhel8\u0026tag=v2.3.0-100" } } }, { "category": "product_version", "name": "rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "product": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "product_id": "rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "product_identification_helper": { "purl": "pkg:oci/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.3.0-40" } } }, { "category": "product_version", "name": "rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "product": { "name": "rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "product_id": "rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "product_identification_helper": { "purl": "pkg:oci/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.3.0-49" } } }, { "category": "product_version", "name": "rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "product": { "name": "rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "product_id": "rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "product_identification_helper": { "purl": "pkg:oci/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.3.0-20" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "product": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "product_identification_helper": { "purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.3.0-39" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "product": { "name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "product_id": "rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "product_identification_helper": { "purl": "pkg:oci/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-rhel8-operator\u0026tag=v2.3.0-39" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "product": { "name": "rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "product_id": "rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "product_identification_helper": { "purl": "pkg:oci/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-operator-bundle\u0026tag=v2.3.0-243" } } }, { "category": "product_version", "name": "rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "product": { "name": "rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "product_id": "rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "product_identification_helper": { "purl": "pkg:oci/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/kui-web-terminal-rhel8\u0026tag=v2.3.0-51" } } }, { "category": "product_version", "name": "rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "product": { "name": "rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "product_id": "rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "product_identification_helper": { "purl": "pkg:oci/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/managedcluster-import-controller-rhel8\u0026tag=v2.3.0-46" } } }, { "category": "product_version", "name": "rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "product": { "name": "rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "product_id": "rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "product_identification_helper": { "purl": "pkg:oci/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel7\u0026tag=v2.3.0-36" } } }, { "category": "product_version", "name": "rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "product": { "name": "rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "product_id": "rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "product_identification_helper": { "purl": "pkg:oci/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.3.0-20" } } }, { "category": "product_version", "name": "rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "product": { "name": "rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "product_id": "rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "product_identification_helper": { "purl": "pkg:oci/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel7\u0026tag=v2.3.0-21" } } }, { "category": "product_version", "name": "rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "product": { "name": "rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "product_id": "rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "product_identification_helper": { "purl": "pkg:oci/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.3.0-43" } } }, { "category": "product_version", "name": "rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "product": { "name": "rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "product_id": "rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "product_identification_helper": { "purl": "pkg:oci/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicloud-manager-rhel8\u0026tag=v2.3.0-69" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "product": { "name": "rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "product_id": "rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.3.0-106" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "product": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.3.0-95" } } }, { "category": "product_version", "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "product": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.3.0-107" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "product": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.3.0-39" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "product": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.3.0-40" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "product": { "name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "product_id": "rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-deployable-rhel8\u0026tag=v2.3.0-35" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "product": { "name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "product_id": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-placementrule-rhel8\u0026tag=v2.3.0-53" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "product": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.3.0-66" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "product": { "name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "product_id": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-release-rhel8\u0026tag=v2.3.0-43" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "product": { "name": "rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "product_id": "rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.3.0-34" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "product": { "name": "rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "product_id": "rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.3.0-47" } } }, { "category": "product_version", "name": "rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "product": { "name": "rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "product_id": "rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/openshift-hive-rhel8\u0026tag=v2.3.0-30" } } }, { "category": "product_version", "name": "rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "product": { "name": "rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "product_id": "rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/openshift-hive-rhel7\u0026tag=v2.3.0-30" } } }, { "category": "product_version", "name": "rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "product": { "name": "rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "product_id": "rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "product_identification_helper": { "purl": "pkg:oci/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/placement-rhel8\u0026tag=v2.3.0-17" } } }, { "category": "product_version", "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "product": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "product_identification_helper": { "purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.3.0-25" } } }, { "category": "product_version", "name": "rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "product": { "name": "rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "product_id": "rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "product_identification_helper": { "purl": "pkg:oci/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/provider-credential-controller-rhel8\u0026tag=v2.3.0-28" } } }, { "category": "product_version", "name": "rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "product": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "product_identification_helper": { "purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.3.0-41" } } }, { "category": "product_version", "name": "rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "product": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "product_id": "rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "product_identification_helper": { "purl": "pkg:oci/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.3.0-29" } } }, { "category": "product_version", "name": "rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "product": { "name": "rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "product_id": "rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "product_identification_helper": { "purl": "pkg:oci/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8\u0026tag=v2.3.0-49" } } }, { "category": "product_version", "name": "rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "product": { "name": "rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "product_id": "rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "product_identification_helper": { "purl": "pkg:oci/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8-operator\u0026tag=v2.3.0-45" } } }, { "category": "product_version", "name": "rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "product": { "name": "rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "product_id": "rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "product_identification_helper": { "purl": "pkg:oci/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/agent-service-rhel8\u0026tag=v2.3.0-18" } } }, { "category": "product_version", "name": "rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "product": { "name": "rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "product_id": "rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "product_identification_helper": { "purl": "pkg:oci/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/assisted-installer-agent-rhel8\u0026tag=v2.3.0-21" } } }, { "category": "product_version", "name": "rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "product": { "name": "rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "product_id": "rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "product_identification_helper": { "purl": "pkg:oci/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/assisted-installer-rhel8\u0026tag=v2.3.0-22" } } }, { "category": "product_version", "name": "rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "product": { "name": "rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "product_id": "rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "product_identification_helper": { "purl": "pkg:oci/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/assisted-installer-reporter-rhel8\u0026tag=v2.3.0-24" } } }, { "category": "product_version", "name": "rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "product": { "name": "rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "product_id": "rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "product_identification_helper": { "purl": "pkg:oci/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.3.0-41" } } }, { "category": "product_version", "name": "rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "product": { "name": "rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "product_id": "rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "product_identification_helper": { "purl": "pkg:oci/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.3.0-46" } } }, { "category": "product_version", "name": "rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "product": { "name": "rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "product_id": "rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "product_identification_helper": { "purl": "pkg:oci/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.3.0-52" } } }, { "category": "product_version", "name": "rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "product": { "name": "rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "product_id": "rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "product_identification_helper": { "purl": "pkg:oci/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.3.0-45" } } }, { "category": "product_version", "name": "rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "product": { "name": "rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "product_id": "rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "product_identification_helper": { "purl": "pkg:oci/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-ui-rhel8\u0026tag=v2.3.0-59" } } }, { "category": "product_version", "name": "rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "product": { "name": "rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "product_id": "rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "product_identification_helper": { "purl": "pkg:oci/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.3.0-53" } } }, { "category": "product_version", "name": "rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "product": { "name": "rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "product_id": "rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "product_identification_helper": { "purl": "pkg:oci/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel7\u0026tag=v2.3.0-36" } } }, { "category": "product_version", "name": "rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "product": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "product_identification_helper": { "purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.3.0-25" } } }, { "category": "product_version", "name": "rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64", "product": { "name": "rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64", "product_id": "rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64", "product_identification_helper": { "purl": "pkg:oci/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/work-rhel8\u0026tag=v2.3.0-40" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "product": { "name": "rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "product_id": "rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.3.0-38" } } }, { "category": "product_version", "name": "rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "product": { "name": "rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "product_id": "rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.3.0-33" } } }, { "category": "product_version", "name": "rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "product": { "name": "rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "product_id": "rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.3.0-197" } } }, { "category": "product_version", "name": "rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "product": { "name": "rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "product_id": "rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "product_identification_helper": { "purl": "pkg:oci/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/application-ui-rhel8\u0026tag=v2.3.0-120" } } }, { "category": "product_version", "name": "rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "product": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "product_id": "rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.3.0-44" } } }, { "category": "product_version", "name": "rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "product": { "name": "rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "product_id": "rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cluster-curator-controller-rhel8\u0026tag=v2.3.0-41" } } }, { "category": "product_version", "name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "product": { "name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "product_id": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "product_identification_helper": { "purl": "pkg:oci/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/clusterlifecycle-state-metrics-rhel8\u0026tag=v2.3.0-43" } } }, { "category": "product_version", "name": "rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "product": { "name": "rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "product_id": "rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "product_identification_helper": { "purl": "pkg:oci/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.3.0-55" } } }, { "category": "product_version", "name": "rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "product": { "name": "rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "product_id": "rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/console-api-rhel8\u0026tag=v2.3.0-63" } } }, { "category": "product_version", "name": "rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "product": { "name": "rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "product_id": "rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.3.0-127" } } }, { "category": "product_version", "name": "rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "product": { "name": "rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "product_id": "rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/discovery-rhel8-operator\u0026tag=v2.3.0-59" } } }, { "category": "product_version", "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "product": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "product_identification_helper": { "purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.3.0-49" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "product": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "product_identification_helper": { "purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.3.0-43" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "product": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "product_identification_helper": { "purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.3.0-38" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "product": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.3.0-41" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "product": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "product_identification_helper": { "purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.3.0-37" } } }, { "category": "product_version", "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "product": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "product_identification_helper": { "purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.3.0-40" } } }, { "category": "product_version", "name": "rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "product": { "name": "rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "product_id": "rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "product_identification_helper": { "purl": "pkg:oci/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/grc-ui-api-rhel8\u0026tag=v2.3.0-58" } } }, { "category": "product_version", "name": "rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "product": { "name": "rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "product_id": "rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "product_identification_helper": { "purl": "pkg:oci/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/grc-ui-rhel8\u0026tag=v2.3.0-100" } } }, { "category": "product_version", "name": "rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "product": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "product_id": "rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "product_identification_helper": { "purl": "pkg:oci/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.3.0-40" } } }, { "category": "product_version", "name": "rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "product": { "name": "rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "product_id": "rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.3.0-49" } } }, { "category": "product_version", "name": "rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "product": { "name": "rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "product_id": "rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.3.0-20" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "product": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "product_identification_helper": { "purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.3.0-39" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "product": { "name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "product_id": "rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "product_identification_helper": { "purl": "pkg:oci/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-rhel8-operator\u0026tag=v2.3.0-39" } } }, { "category": "product_version", "name": "rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "product": { "name": "rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "product_id": "rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/kui-web-terminal-rhel8\u0026tag=v2.3.0-51" } } }, { "category": "product_version", "name": "rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "product": { "name": "rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "product_id": "rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/managedcluster-import-controller-rhel8\u0026tag=v2.3.0-46" } } }, { "category": "product_version", "name": "rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "product": { "name": "rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "product_id": "rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "product_identification_helper": { "purl": "pkg:oci/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel7\u0026tag=v2.3.0-36" } } }, { "category": "product_version", "name": "rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "product": { "name": "rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "product_id": "rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "product_identification_helper": { "purl": "pkg:oci/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.3.0-20" } } }, { "category": "product_version", "name": "rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "product": { "name": "rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "product_id": "rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel7\u0026tag=v2.3.0-21" } } }, { "category": "product_version", "name": "rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "product": { "name": "rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "product_id": "rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "product_identification_helper": { "purl": "pkg:oci/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.3.0-43" } } }, { "category": "product_version", "name": "rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "product": { "name": "rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "product_id": "rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicloud-manager-rhel8\u0026tag=v2.3.0-69" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "product": { "name": "rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "product_id": "rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.3.0-106" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "product": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.3.0-95" } } }, { "category": "product_version", "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "product": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.3.0-107" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "product": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.3.0-39" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "product": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.3.0-40" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "product": { "name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "product_id": "rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-deployable-rhel8\u0026tag=v2.3.0-35" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "product": { "name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "product_id": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-placementrule-rhel8\u0026tag=v2.3.0-53" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "product": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.3.0-66" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "product": { "name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "product_id": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-release-rhel8\u0026tag=v2.3.0-43" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "product": { "name": "rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "product_id": "rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.3.0-34" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "product": { "name": "rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "product_id": "rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.3.0-47" } } }, { "category": "product_version", "name": "rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "product": { "name": "rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "product_id": "rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/openshift-hive-rhel8\u0026tag=v2.3.0-30" } } }, { "category": "product_version", "name": "rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "product": { "name": "rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "product_id": "rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/openshift-hive-rhel7\u0026tag=v2.3.0-30" } } }, { "category": "product_version", "name": "rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "product": { "name": "rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "product_id": "rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/placement-rhel8\u0026tag=v2.3.0-17" } } }, { "category": "product_version", "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "product": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.3.0-25" } } }, { "category": "product_version", "name": "rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "product": { "name": "rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "product_id": "rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/provider-credential-controller-rhel8\u0026tag=v2.3.0-28" } } }, { "category": "product_version", "name": "rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "product": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.3.0-41" } } }, { "category": "product_version", "name": "rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "product": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "product_id": "rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.3.0-29" } } }, { "category": "product_version", "name": "rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "product": { "name": "rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "product_id": "rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "product_identification_helper": { "purl": "pkg:oci/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8\u0026tag=v2.3.0-49" } } }, { "category": "product_version", "name": "rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "product": { "name": "rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "product_id": "rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8-operator\u0026tag=v2.3.0-45" } } }, { "category": "product_version", "name": "rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "product": { "name": "rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "product_id": "rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/agent-service-rhel8\u0026tag=v2.3.0-18" } } }, { "category": "product_version", "name": "rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "product": { "name": "rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "product_id": "rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/assisted-installer-rhel8\u0026tag=v2.3.0-22" } } }, { "category": "product_version", "name": "rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "product": { "name": "rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "product_id": "rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "product_identification_helper": { "purl": "pkg:oci/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/assisted-installer-reporter-rhel8\u0026tag=v2.3.0-24" } } }, { "category": "product_version", "name": "rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "product": { "name": "rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "product_id": "rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.3.0-41" } } }, { "category": "product_version", "name": "rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "product": { "name": "rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "product_id": "rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "product_identification_helper": { "purl": "pkg:oci/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.3.0-46" } } }, { "category": "product_version", "name": "rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "product": { "name": "rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "product_id": "rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.3.0-52" } } }, { "category": "product_version", "name": "rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "product": { "name": "rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "product_id": "rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "product_identification_helper": { "purl": "pkg:oci/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.3.0-45" } } }, { "category": "product_version", "name": "rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "product": { "name": "rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "product_id": "rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "product_identification_helper": { "purl": "pkg:oci/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-ui-rhel8\u0026tag=v2.3.0-59" } } }, { "category": "product_version", "name": "rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "product": { "name": "rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "product_id": "rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.3.0-53" } } }, { "category": "product_version", "name": "rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "product": { "name": "rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "product_id": "rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "product_identification_helper": { "purl": "pkg:oci/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel7\u0026tag=v2.3.0-36" } } }, { "category": "product_version", "name": "rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "product": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "product_identification_helper": { "purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.3.0-25" } } }, { "category": "product_version", "name": "rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "product": { "name": "rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "product_id": "rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/work-rhel8\u0026tag=v2.3.0-40" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "product": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "product_id": "rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "product_identification_helper": { "purl": "pkg:oci/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.3.0-44" } } }, { "category": "product_version", "name": "rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "product": { "name": "rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "product_id": "rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "product_identification_helper": { "purl": "pkg:oci/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.3.0-55" } } }, { "category": "product_version", "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "product": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "product_identification_helper": { "purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.3.0-49" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "product": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "product_identification_helper": { "purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.3.0-38" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "product": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "product_identification_helper": { "purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.3.0-41" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "product": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "product_identification_helper": { "purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.3.0-37" } } }, { "category": "product_version", "name": "rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "product": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "product_id": "rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "product_identification_helper": { "purl": "pkg:oci/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.3.0-40" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "product": { "name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "product_id": "rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "product_identification_helper": { "purl": "pkg:oci/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-rhel8-operator\u0026tag=v2.3.0-39" } } }, { "category": "product_version", "name": "rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "product": { "name": "rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "product_id": "rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "product_identification_helper": { "purl": "pkg:oci/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.3.0-43" } } }, { "category": "product_version", "name": "rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "product": { "name": "rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "product_id": "rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "product_identification_helper": { "purl": "pkg:oci/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicloud-manager-rhel8\u0026tag=v2.3.0-69" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "product": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.3.0-66" } } }, { "category": "product_version", "name": "rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "product": { "name": "rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "product_id": "rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "product_identification_helper": { "purl": "pkg:oci/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8\u0026tag=v2.3.0-49" } } }, { "category": "product_version", "name": "rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "product": { "name": "rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "product_id": "rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "product_identification_helper": { "purl": "pkg:oci/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/registration-rhel8-operator\u0026tag=v2.3.0-45" } } }, { "category": "product_version", "name": "rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "product": { "name": "rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "product_id": "rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "product_identification_helper": { "purl": "pkg:oci/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.3.0-52" } } }, { "category": "product_version", "name": "rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "product": { "name": "rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "product_id": "rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "product_identification_helper": { "purl": "pkg:oci/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/work-rhel8\u0026tag=v2.3.0-40" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 7", "product_id": "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le" }, "product_reference": "rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "relates_to_product_reference": "7Server-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 7", "product_id": "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64" }, "product_reference": "rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "relates_to_product_reference": "7Server-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 7", "product_id": "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le" }, "product_reference": "rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "relates_to_product_reference": "7Server-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 7", "product_id": "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64" }, "product_reference": "rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "relates_to_product_reference": "7Server-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 7", "product_id": "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64" }, "product_reference": "rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "relates_to_product_reference": "7Server-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 7", "product_id": "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le" }, "product_reference": "rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "relates_to_product_reference": "7Server-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le" }, "product_reference": "rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64" }, "product_reference": "rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64" }, "product_reference": "rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le" }, "product_reference": "rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64" }, "product_reference": "rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le" }, "product_reference": "rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le" }, "product_reference": "rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64" }, "product_reference": "rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le" }, "product_reference": "rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64" }, "product_reference": "rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64" }, "product_reference": "rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64" }, "product_reference": "rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le" }, "product_reference": "rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64" }, "product_reference": "rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le" }, "product_reference": "rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x" }, "product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64" }, "product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le" }, "product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le" }, "product_reference": "rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64" }, "product_reference": "rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le" }, "product_reference": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64" }, "product_reference": "rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64" }, "product_reference": "rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le" }, "product_reference": "rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x" }, "product_reference": "rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64" }, "product_reference": "rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le" }, "product_reference": "rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64" }, "product_reference": "rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le" }, "product_reference": "rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64" }, "product_reference": "rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le" }, "product_reference": "rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64" }, "product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x" }, "product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le" }, "product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64" }, "product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le" }, "product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64" }, "product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le" }, "product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x" }, "product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64" }, "product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le" }, "product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x" }, "product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le" }, "product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x" }, "product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64" }, "product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64" }, "product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le" }, "product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64" }, "product_reference": "rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le" }, "product_reference": "rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le" }, "product_reference": "rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64" }, "product_reference": "rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64" }, "product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x" }, "product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le" }, "product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le" }, "product_reference": "rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64" }, "product_reference": "rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le" }, "product_reference": "rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64" }, "product_reference": "rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le" }, "product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64" }, "product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64" }, "product_reference": "rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le" }, "product_reference": "rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x" }, "product_reference": "rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64" }, "product_reference": "rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le" }, "product_reference": "rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64" }, "product_reference": "rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64" }, "product_reference": "rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le" }, "product_reference": "rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64" }, "product_reference": "rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le" }, "product_reference": "rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le" }, "product_reference": "rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x" }, "product_reference": "rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64" }, "product_reference": "rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64" }, "product_reference": "rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le" }, "product_reference": "rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x" }, "product_reference": "rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64" }, "product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le" }, "product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le" }, "product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64" }, "product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64" }, "product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le" }, "product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64" }, "product_reference": "rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le" }, "product_reference": "rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64" }, "product_reference": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le" }, "product_reference": "rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64" }, "product_reference": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le" }, "product_reference": "rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64" }, "product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x" }, "product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le" }, "product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64" }, "product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le" }, "product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64" }, "product_reference": "rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le" }, "product_reference": "rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le" }, "product_reference": "rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64" }, "product_reference": "rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64" }, "product_reference": "rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le" }, "product_reference": "rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64" }, "product_reference": "rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le" }, "product_reference": "rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64" }, "product_reference": "rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le" }, "product_reference": "rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le" }, "product_reference": "rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64" }, "product_reference": "rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64" }, "product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le" }, "product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le" }, "product_reference": "rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64" }, "product_reference": "rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64" }, "product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le" }, "product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64" }, "product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le" }, "product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le" }, "product_reference": "rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x" }, "product_reference": "rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64" }, "product_reference": "rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le" }, "product_reference": "rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x" }, "product_reference": "rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64" }, "product_reference": "rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le" }, "product_reference": "rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64" }, "product_reference": "rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le" }, "product_reference": "rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64" }, "product_reference": "rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x" }, "product_reference": "rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64" }, "product_reference": "rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le" }, "product_reference": "rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le" }, "product_reference": "rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64" }, "product_reference": "rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le" }, "product_reference": "rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64" }, "product_reference": "rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le" }, "product_reference": "rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64" }, "product_reference": "rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le" }, "product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64" }, "product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le" }, "product_reference": "rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x" }, "product_reference": "rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "relates_to_product_reference": "8Base-RHACM-2.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "product_id": "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" }, "product_reference": "rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64", "relates_to_product_reference": "8Base-RHACM-2.3" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-28469", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1945459" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent function. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-glob-parent: Regular expression denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "While some components do package a vulnerable version of glob-parent, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM)\n - Red Hat Advanced Cluster Management for Kubernetes (RHACM)\n - OpenShift distributed tracing", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-28469" }, { "category": "external", "summary": "RHBZ#1945459", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28469", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28469" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905", "url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905" } ], "release_date": "2021-01-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-glob-parent: Regular expression denial of service" }, { "cve": "CVE-2020-28500", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-02-15T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1928954" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-lodash. A Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions is possible.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift ServiceMesh (OSSM) and Red Hat OpenShift Jaeger (RHOSJ) the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable nodejs-lodash library to authenticated users only, therefore the impact is low.\n\nWhile Red Hat Virtualization\u0027s cockpit-ovirt has a dependency on lodash it doesn\u0027t use the vulnerable toNumber, trim, or trimEnd functions.\n\nWhile Red Hat Quay has a dependency on lodash via restangular it doesn\u0027t use the vulnerable toNumber, trim, or trimEnd functions.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-28500" }, { "category": "external", "summary": "RHBZ#1928954", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928954" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28500", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28500" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28500", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28500" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-LODASH-1018905", "url": "https://snyk.io/vuln/SNYK-JS-LODASH-1018905" } ], "release_date": "2021-02-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions" }, { "cve": "CVE-2020-28851", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "discovery_date": "2021-01-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1913333" } ], "notes": [ { "category": "description", "text": "A flaw was found in golang.org. In x/text, an \"index out of range\" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension", "title": "Vulnerability summary" }, { "category": "other", "text": "Below Red Hat products include the affected version of \u0027golang.org/x/text\u0027, however the language package is not being used and hence they are rated as having a security impact of Low. A future update may address this issue.\n\n* Red Hat OpenShift Container Storage 4\n* OpenShift ServiceMesh (OSSM)\n* Red Hat Gluster Storage 3\n* Windows Container Support for Red Hat OpenShift\n\nOnly three components in OpenShift Container Platform include the affected package, \u0027golang.org/x/text/language\u0027 , the installer, baremetal installer and thanos container images. All other components that include a version of \u0027golang.org/x/text\u0027 do not include the \u0027language\u0027 package and are therefore not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-28851" }, { "category": "external", "summary": "RHBZ#1913333", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913333" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28851", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28851" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28851", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28851" } ], "release_date": "2021-01-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension" }, { "cve": "CVE-2020-28852", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "discovery_date": "2021-01-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1913338" } ], "notes": [ { "category": "description", "text": "A flaw was found in golang.org. In x/text, a \"slice bounds out of range\" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag", "title": "Vulnerability summary" }, { "category": "other", "text": "Below Red Hat products include the affected version of \u0027golang.org/x/text\u0027, however the language package is not being used and hence they are rated as having a security impact of Low. A future update may address this issue.\n\n* Red Hat OpenShift Container Storage 4\n* OpenShift ServiceMesh (OSSM)\n* Red Hat Gluster Storage 3\n* Windows Container Support for Red Hat OpenShift\n\nOnly three components in OpenShift Container Platform include the affected package, \u0027golang.org/x/text/language\u0027 , the installer, baremetal installer and thanos container images. All other components that include a version of \u0027golang.org/x/text\u0027 do not include the \u0027language\u0027 package and are therefore not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-28852" }, { "category": "external", "summary": "RHBZ#1913338", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913338" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28852", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28852" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28852", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28852" } ], "release_date": "2021-01-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag" }, { "cve": "CVE-2021-3377", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2021-03-05T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1936427" } ], "notes": [ { "category": "description", "text": "A flaw was found in npm package ansi_up versions \u003c 5.0.0 when parsing untrusted user input. An attacker could take advantage of this by introducing ANSI escape codes to inject arbitrary HTML and JavaScript in result mounting a cross-site scripting (XSS) attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ansi_up: XSS due to insufficient URL sanitization", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3377" }, { "category": "external", "summary": "RHBZ#1936427", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1936427" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3377", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3377" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3377", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3377" }, { "category": "external", "summary": "https://doyensec.com/resources/Doyensec_Advisory_ansi_up4_XSS.pdf", "url": "https://doyensec.com/resources/Doyensec_Advisory_ansi_up4_XSS.pdf" } ], "release_date": "2021-01-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-ansi_up: XSS due to insufficient URL sanitization" }, { "cve": "CVE-2021-21272", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2021-01-27T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1921286" } ], "notes": [ { "category": "description", "text": "A flaw was found in oras. The directory support feature allows the downloaded gzipped tarballs to be automatically extracted to the user-specified directory where the tarball can have symbolic links and hard links. A well-crafted tarball or tarballs allow malicious artifact providers linking, writing, or overwriting specific files on the host filesystem outside of the user-specified directory unexpectedly with the same permissions as the user who runs `oras pull`.", "title": "Vulnerability description" }, { "category": "summary", "text": "oras: zip-slip vulnerability via oras-pull", "title": "Vulnerability summary" }, { "category": "other", "text": "A vulnerable version of github.com/deislabs/oras package is delivered in listed OpenShift Container Platform (OCP) and OpenShift Container Storage components, but the vulnerable code is not invoked, therefore these components are affected but with impact Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21272" }, { "category": "external", "summary": "RHBZ#1921286", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921286" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21272", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21272" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21272", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21272" }, { "category": "external", "summary": "https://github.com/deislabs/oras/security/advisories/GHSA-g5v4-5x39-vwhx", "url": "https://github.com/deislabs/oras/security/advisories/GHSA-g5v4-5x39-vwhx" } ], "release_date": "2021-01-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "oras: zip-slip vulnerability via oras-pull" }, { "cve": "CVE-2021-21309", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2021-02-24T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1932634" } ], "notes": [ { "category": "description", "text": "An integer overflow was found in Redis. Redis 4.0 or newer uses a configurable limit for the maximum supported bulk input size. The default size is 512MB which is a safe value for all platforms. Authenticated Redis users could increase the bulk input size by changing the \"proto-max-bulk-len\" configuration parameter, leading to heap corruption and potentially remote code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue only affects 32-bit Redis. Red Hat Enterprise Linux 8 and Red Hat Software Collections are not affected by this issue because they do not provide support for 32-bit Redis. The following products are not affected because the vulnerable component (Redis 4.0) is not being consumed:\n * Red Hat Ansible Automation Platform\n * Red Hat Ansible Tower\n * Red Hat OpenStack Platform", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21309" }, { "category": "external", "summary": "RHBZ#1932634", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932634" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21309", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21309" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21309", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21309" }, { "category": "external", "summary": "https://github.com/redis/redis/security/advisories/GHSA-hgj8-vff2-7cjf", "url": "https://github.com/redis/redis/security/advisories/GHSA-hgj8-vff2-7cjf" } ], "release_date": "2021-02-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" }, { "category": "workaround", "details": "As recommended in the upstream advisory, this issue can be mitigated by preventing clients from directly executing `CONFIG SET`:\n* Using Redis 6.0 or newer, ACL configuration can be used to block the command.\n* Using older versions, the `rename-command` configuration directive can be used to rename the command to a random string unknown to users, rendering it inaccessible.", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms" }, { "cve": "CVE-2021-21321", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-03-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1942178" } ], "notes": [ { "category": "description", "text": "A flaw was found in fastify-reply-from. Escaping of the prefix of the proxied backend service is possible allowing an attacker, using a specially crafted URL, to gain access to directories that would otherwise be out of bounds. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "fastify-reply-from: crafted URL allows prefix scape of the proxied backend service", "title": "Vulnerability summary" }, { "category": "other", "text": "The impact of this flaw largely depends on the environment where the affected library is being used. This flaw could be used to redirect an adversary to an exposed, unprotected endpoint. Depending on the functionality of the affected endpoint that could result in a loss of confidentiality, integrity and availability. The severity of this flaw in for Red Had Advanced Cluster Management for Kubernetes is rated as important as there are no exposed, un-authenticated endpoints that could be accessed by exploiting this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21321" }, { "category": "external", "summary": "RHBZ#1942178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942178" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21321", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21321" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21321", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21321" }, { "category": "external", "summary": "https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-qmw8-3v4g-gwj4", "url": "https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-qmw8-3v4g-gwj4" } ], "release_date": "2021-02-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "fastify-reply-from: crafted URL allows prefix scape of the proxied backend service" }, { "cve": "CVE-2021-21322", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-03-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1942182" } ], "notes": [ { "category": "description", "text": "A flaw was found in fastify-http-proxy. Escaping the prefix of the proxied backend service is possible by an attacker using a specially crafted URL. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "fastify-http-proxy: crafted URL allows prefix scape of the proxied backend service", "title": "Vulnerability summary" }, { "category": "other", "text": "The impact of this flaw largely depends on the environment where the affected library is being used. This flaw could be used to redirect an adversary to an exposed, unprotected endpoint. Depending on the functionality of the affected endpoint that could result in a loss of confidentiality, integrity and availability. The severity of this flaw in for Red Had Advanced Cluster Management for Kubernetes is rated as important as there are no exposed, un-authenticated endpoints that could be accessed by exploiting this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21322" }, { "category": "external", "summary": "RHBZ#1942182", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942182" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21322", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21322" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21322", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21322" }, { "category": "external", "summary": "https://github.com/fastify/fastify-http-proxy/security/advisories/GHSA-c4qr-gmr9-v23w", "url": "https://github.com/fastify/fastify-http-proxy/security/advisories/GHSA-c4qr-gmr9-v23w" } ], "release_date": "2021-02-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "fastify-http-proxy: crafted URL allows prefix scape of the proxied backend service" }, { "cve": "CVE-2021-23337", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "discovery_date": "2021-02-15T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1928937" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-lodash. A command injection flaw is possible through template variables.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-lodash: command injection via template", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift ServiceMesh (OSSM) and Red Hat OpenShift Jaeger (RHOSJ) the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable nodejs-lodash library to authenticated users only, therefore the impact is low.\n\nWhile Red Hat Virtualization\u0027s cockpit-ovirt has a dependency on lodash it doesn\u0027t use the vulnerable template function.\n\nWhile Red Hat Quay has a dependency on lodash via restangular it doesn\u0027t use the vulnerable template function.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23337" }, { "category": "external", "summary": "RHBZ#1928937", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928937" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23337", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23337" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23337", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23337" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-LODASH-1040724", "url": "https://snyk.io/vuln/SNYK-JS-LODASH-1040724" } ], "release_date": "2021-02-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-lodash: command injection via template" }, { "cve": "CVE-2021-23343", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-05-04T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1956818" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe", "title": "Vulnerability summary" }, { "category": "other", "text": "In Red Had Quay , whilst a vulnerable version of `path-parse` is included in the quay-rhel8 container it is a development dependency only, hence the impact by this vulnerability is low.\n\nIn OpenShift Container Platform (OCP), the hadoop component which is a part of the OCP metering stack, ships the vulnerable version of \u0027path-parse\u0027.\nSince the release of OCP 4.6, the metering product has been deprecated [1], hence the affected component is marked as wontfix.\nThis may be fixed in the future.\n\nIn Red Hat OpenShift Container Storage 4 the noobaa-core container includes the affected version of `path-parse`, however the vulnerable functionality is currently not used in any part of the product.\n\nIn Red Hat Virtualization cockpit-ovirt, ovirt-engine-ui-extensions and ovirt-web-ui use vulnerable version of `path-parse`, however for cockpit-ovirt it is a development time dependency only, and for ovirt-engine-ui-extensions and ovirt-web-ui the vulnerable functions are never used.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23343" }, { "category": "external", "summary": "RHBZ#1956818", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956818" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23343", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23343" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23343", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23343" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067", "url": "https://snyk.io/vuln/SNYK-JS-PATHPARSE-1077067" } ], "release_date": "2021-05-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe" }, { "cve": "CVE-2021-23346", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-22T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1941675" } ], "notes": [ { "category": "description", "text": "The html-parse-stringify library, as well as its fork html-parse-stringify2, are vulnerable to a Regular Expression Denial of Service attack (ReDos). A certain inputs could cause one of the regular expressions that is used for parsing to backtrack, freezing the process.", "title": "Vulnerability description" }, { "category": "summary", "text": "html-parse-stringify: Regular Expression DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "The access to the vulnerable library is protected by RHACM Authentication reducing impact of this flaw to LOW.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23346" }, { "category": "external", "summary": "RHBZ#1941675", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941675" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23346", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23346" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23346", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23346" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1080633", "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1080633" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-HTMLPARSESTRINGIFY-1079306", "url": "https://snyk.io/vuln/SNYK-JS-HTMLPARSESTRINGIFY-1079306" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-HTMLPARSESTRINGIFY2-1079307", "url": "https://snyk.io/vuln/SNYK-JS-HTMLPARSESTRINGIFY2-1079307" } ], "release_date": "2021-03-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "html-parse-stringify: Regular Expression DoS" }, { "cve": "CVE-2021-23362", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-25T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1943208" } ], "notes": [ { "category": "description", "text": "A regular expression denial of service vulnerability was found in hosted-git-info. If an application allows user input into the affected regular expression (regexp) function, `shortcutMatch` or `fromUrl`, then an attacker could craft a regexp which takes an ever increasing amount of time to process, potentially resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()", "title": "Vulnerability summary" }, { "category": "other", "text": "While some components do package a vulnerable version of hosted-git-info, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM)\n - Red Hat Advanced Cluster Management for Kubernetes (RHACM)\n\nSpecifically the following components:\n - The OCP hive-container does ship the vulnerable component, however since OCP 4.6 the Metering product has been deprecated [1], set as wont-fix and may be fixed in a future release.\n\nRed Hat Ceph Storage (RHCS) 4 packages a version of nodejs-hosted-git-info which is vulnerable to this flaw in the grafana-container shipped with it. \n\nRed Hat Quay includes hosted-git-info as a dependency of karma-coverage which is only used at development time. The hosted-git-info library is not used at runtime so the impact is low for Red Hat Quay.\n\nRed Hat Virtualization includes a vulnerable version of hosted-git-info, however it is only used during development. The hosted-git-info library is not used at runtime thus impact is rated Low and marked as \"wontfix\" at this time. Future updates may address this flaw.\n\n[1] - https://access.redhat.com/solutions/5707561", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23362" }, { "category": "external", "summary": "RHBZ#1943208", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943208" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23362", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23362" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23362", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23362" } ], "release_date": "2021-03-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()" }, { "cve": "CVE-2021-23364", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-30T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1955619" } ], "notes": [ { "category": "description", "text": "Regular Expression Denial of Service (ReDoS) vulnerability was found in browserslist library. An attacker can use this vulnerability to parse a query which potentially can lead to service degradation.", "title": "Vulnerability description" }, { "category": "summary", "text": "browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS)", "title": "Vulnerability summary" }, { "category": "other", "text": "While some components do package a vulnerable version of nodejs browserslist library, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. \nThis applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM)\n - Red Hat Advanced Cluster Management for Kubernetes (RHACM)\n\nIn Red Had Quay , whilst a vulnerable version of `browserslist` is included in the quay-rhel8 container it is a development dependency only, therefor the impact is low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23364" }, { "category": "external", "summary": "RHBZ#1955619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1955619" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23364", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23364" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23364", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23364" } ], "release_date": "2021-04-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS)" }, { "cve": "CVE-2021-23368", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-12T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1948763" } ], "notes": [ { "category": "description", "text": "A regular expression denial of service (ReDoS) vulnerability was found in the npm library `postcss`. When parsing a supplied CSS string, if it contains an unexpected value then as the supplied CSS grows in length it will take an ever increasing amount of time to process. An attacker can use this vulnerability to potentially craft a malicious a long CSS value to process resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-postcss: Regular expression denial of service during source map parsing", "title": "Vulnerability summary" }, { "category": "other", "text": "In Red Hat OpenShift Container Platform (RHOCP), OpenShift ServiceMesh (OSSM) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable nodejs-postcss library to authenticated users only, therefore the impact is low.\n\nRed Hat OpenShift Container Platform 4 delivers the kibana package where the nodejs-postcss library is used, but due to the code changing to the container first content the kibana package is marked as wontfix. This may be fixed in the future.\n\nIn Red Had Quay , whilst a vulnerable version of `postcss` is included in the quay-rhel8 container it is a development dependency only, therefor the impact is low.\n\nIn Red Hat Virtualization a vulnerable version of postcss is used in cockpit-ovirt, ovirt-web-ui and ovirt-engine-ui-extensions. However, it is only used during development and is used to process known CSS content. This flaw has been marked as \"wontfix\" and it may be addressed in future updates.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23368" }, { "category": "external", "summary": "RHBZ#1948763", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948763" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23368", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23368" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23368", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23368" } ], "release_date": "2021-04-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-postcss: Regular expression denial of service during source map parsing" }, { "cve": "CVE-2021-23369", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)" }, "discovery_date": "2021-04-12T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1948761" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-handlebars. A missing check when getting prototype properties in the template function allows an attacker, who can provide untrusted handlebars templates, to execute arbitrary code in the javascript system (e.g. browser or server) when the template is compiled with the strict:true option. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenShift Container Platform (OCP) 4 delivers the kibana package which includes Handlebars.js. From OCP 4.6, the kibana package is no longer shipped and will not be fixed. \nThe openshift4/ose-logging-kibana6 container includes Handlebars.js directly as container first code.\n\nIn OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) some components include the vulnerable handlebars library, but access is protected by OpenShift OAuth what reducing impact by this flaw to LOW.\n\nRed Hat Quay includes Handlebars.js as a development dependency. It does not use Handlebars.js at runtime to process templates so have been given a low impact rating.\n\nRed Hat Gluster Storage 3 bundles vulnerable Handlebars.js (with pcs), however it does not use \"strict\" option and templates from external sources, hence this issue has been rated as having a security impact of Low.\n\nIn Red Hat Virtualization ovirt-engine-ui-extensions and ovirt-web-ui Handlebars.js is included as a dependency of conventional-changelog-writer, it does not impact production code and as such has been given a low impact rating and set to wontfix. Handlebars.js may be updated to a newer version in future updates.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23369" }, { "category": "external", "summary": "RHBZ#1948761", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1948761" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23369", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23369" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23369", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23369" } ], "release_date": "2021-04-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option" }, { "cve": "CVE-2021-23382", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-26T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954150" } ], "notes": [ { "category": "description", "text": "A regular expression denial of service (ReDoS) vulnerability was found in the npm library `postcss` when using getAnnotationURL() or loadAnnotation() options in lib/previous-map.js. An attacker can use this vulnerability to potentially craft a malicious CSS to process resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js", "title": "Vulnerability summary" }, { "category": "other", "text": "In Red Hat OpenShift Container Platform (RHOCP), OpenShift ServiceMesh (OSSM) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable nodejs-postcss library to authenticated users only, therefore the impact is low.\n\nRed Hat OpenShift Container Platform 4 delivers the kibana package where the nodejs-postcss library is used, but due to the code changing to the container first content the kibana package is marked as wontfix. This may be fixed in the future.\n\nIn Red Had Quay , whilst a vulnerable version of `postcss` is included in the quay-rhel8 container it is a development dependency only, therefor the impact is low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23382" }, { "category": "external", "summary": "RHBZ#1954150", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954150" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23382", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23382" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23382", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23382" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640", "url": "https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640" } ], "release_date": "2021-04-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js" }, { "cve": "CVE-2021-23383", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)" }, "discovery_date": "2021-04-12T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1956688" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-handlebars. A unescaped value in the JavaScriptCompiler.prototype.depthedLookup function allows an attacker, who can provide untrusted handlebars templates, to execute arbitrary code in the javascript system (e.g. browser or server) when the template is compiled with the compat:true option. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenShift Container Platform (OCP) 4 delivers the kibana component which includes Handlebars.js. Starting in 4.6, kibana is shipping as \"container first\" content. As such, the fix for OCP will be seen in the affected products table under openshift4/ose-logging-kibana6. The separate package \"kibana\" listed under \"OpenShift Container Platform 4\" is only used by 4.5 and earlier and will not be fixed.\n\nIn OpenShift Container Platform (OCP) and OpenShift ServiceMesh (OSSM) some components include the vulnerable handlebars library, but access is protected by OpenShift OAuth what reducing impact by this flaw to LOW.\n\nRed Hat Quay includes Handlebars.js as a development dependency. It does not use Handlebars.js at runtime to process templates so have been given a low impact rating.\n\nRed Hat Gluster Storage 3 bundles vulnerable Handlebars.js (with pcs), however it does not use \"compat\" option and templates from external sources, hence this issue has been rated as having a security impact of Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23383" }, { "category": "external", "summary": "RHBZ#1956688", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956688" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23383", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23383" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23383", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23383" } ], "release_date": "2021-04-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option" }, { "cve": "CVE-2021-23839", "discovery_date": "2021-02-16T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1930294" } ], "notes": [ { "category": "description", "text": "A flaw was found in openssl. OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. However since there is no support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a security issue in that version. OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.0.2y (Affected 1.0.2s-1.0.2x).", "title": "Vulnerability description" }, { "category": "summary", "text": "openssl: incorrect SSLv2 rollback protection", "title": "Vulnerability summary" }, { "category": "other", "text": "Versions of OpenSSL packages shipped with Red Hat Enterprise Linux 7.4 and later do not support SSLv2 and therefore are not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23839" }, { "category": "external", "summary": "RHBZ#1930294", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930294" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23839", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23839" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23839", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23839" } ], "release_date": "2021-02-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "openssl: incorrect SSLv2 rollback protection" }, { "cve": "CVE-2021-23840", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2021-02-09T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1930324" } ], "notes": [ { "category": "description", "text": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "openssl: integer overflow in CipherUpdate", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw only affects applications which are compiled with OpenSSL and using EVP_CipherUpdate, EVP_EncryptUpdate or EVP_DecryptUpdate functions. When specially-crafted values are passed to these functions, it can cause the application to crash or behave incorrectly.\n\nOpenSSL in Red Hat Enterprise Linux 9 was marked as not affected as its already fixed in RHEL9 Alpha release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23840" }, { "category": "external", "summary": "RHBZ#1930324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930324" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23840", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23840" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840" }, { "category": "external", "summary": "https://www.openssl.org/news/secadv/20210216.txt", "url": "https://www.openssl.org/news/secadv/20210216.txt" } ], "release_date": "2021-02-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "openssl: integer overflow in CipherUpdate" }, { "cve": "CVE-2021-23841", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2021-02-16T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1930310" } ], "notes": [ { "category": "description", "text": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()", "title": "Vulnerability summary" }, { "category": "other", "text": "This is a a null pointer dereference in the X509_issuer_and_serial_hash() function, which can result in crash if called by an application compiled with OpenSSL, by passing a specially-crafted certificate. OpenSSL internally does not use this function.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23841" }, { "category": "external", "summary": "RHBZ#1930310", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930310" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23841", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23841" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841" }, { "category": "external", "summary": "https://www.openssl.org/news/secadv/20210216.txt", "url": "https://www.openssl.org/news/secadv/20210216.txt" } ], "release_date": "2021-02-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" }, { "category": "workaround", "details": "As per upstream \"The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources.\"", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()" }, { "cve": "CVE-2021-27292", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1940613" } ], "notes": [ { "category": "description", "text": "A regular expression denial of service (ReDoS) vulnerability was found in the npm library `ua-parser-js`. If a supplied user agent matches the `Noble` string and contains many spaces then the regex will conduct backtracking, taking an ever increasing amount of time depending on the number of spaces supplied. An attacker can use this vulnerability to potentially craft a malicious user agent resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header", "title": "Vulnerability summary" }, { "category": "other", "text": "While some components do package a vulnerable version of ua-parser-js, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM) \n - Red Hat OpenShift Jaeger (RHOSJ)\n - Red Hat OpenShift Logging\n\nThe OCP presto-container does ship the vulnerable component, however since OCP 4.6 the Metering product has been deprecated [1], set as wont-fix and may be fixed in a future release.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships graphql-tools that pulls 0.7.23 version of ua-parser-js that uses the affected code.\n\n[1] - https://access.redhat.com/solutions/5707561", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-27292" }, { "category": "external", "summary": "RHBZ#1940613", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940613" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-27292", "url": "https://www.cve.org/CVERecord?id=CVE-2021-27292" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27292" }, { "category": "external", "summary": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76", "url": "https://gist.github.com/b-c-ds/6941d80d6b4e694df4bc269493b7be76" } ], "release_date": "2021-02-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-ua-parser-js: ReDoS via malicious User-Agent header" }, { "cve": "CVE-2021-27358", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-18T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1941024" } ], "notes": [ { "category": "description", "text": "A flaw was found in Grafana. The snapshot feature allows unauthenticated remote attackers to trigger a denial of service (DoS) via a remote API call if anonymous access is enabled. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "grafana: snapshot feature allow an unauthenticated remote attacker to trigger a DoS via a remote API call", "title": "Vulnerability summary" }, { "category": "other", "text": "While in OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) there is shipped a vulnerable version of grafana, access to the grafana panel is behind OpenShift OAuth proxy and requires admin permissions. Therefore these components are affected but with impact Low.\n\nRed Hat Ceph Storage (RHCS) and Red Hat Gluster Storage 3 does not ship the directly affected code, however, they are still affected by this vulnerability because it allows the same configuration of anonymous snapshots, hence this issue has been rated as having a security impact of Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-27358" }, { "category": "external", "summary": "RHBZ#1941024", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941024" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-27358", "url": "https://www.cve.org/CVERecord?id=CVE-2021-27358" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27358", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27358" }, { "category": "external", "summary": "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-2/", "url": "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-2/" } ], "release_date": "2021-02-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "grafana: snapshot feature allow an unauthenticated remote attacker to trigger a DoS via a remote API call" }, { "cve": "CVE-2021-28092", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-12T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1939103" } ], "notes": [ { "category": "description", "text": "A flaw was found in is-svg package. A malicious string provided by an attacker may lead to Regular Expression Denial of Service (ReDoS).\r\nThe highest threat from this vulnerability is to availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-is-svg: ReDoS via malicious string", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenShift Container Platform (RHOCP) 4 delivers the kibana package where the nodejs-is-svg package is bundled, but during the update to container first (to openshift4/ose-logging-kibana6 since OCP 4.5) the dependency was removed and hence kibana package is marked as wontfix. This may be fixed in the future.\n\nIn OpenShift ServiceMesh (OSSM) and Red Hat OpenShift Container Platform (RHOCP) the affected components are behind OpenShift OAuth. This restricts access to the vulnerable nodejs-is-svg to authenticated users only, therefore the impact is low.\n\nRed Hat Quay includes is-svg as a dependency of css-loader which is only using during development, not runtime. This issues has been rated low impact for Red Hat Quay.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-28092" }, { "category": "external", "summary": "RHBZ#1939103", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939103" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-28092", "url": "https://www.cve.org/CVERecord?id=CVE-2021-28092" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-28092", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28092" } ], "release_date": "2021-03-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-is-svg: ReDoS via malicious string" }, { "cve": "CVE-2021-28918", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "discovery_date": "2021-03-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1944827" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-netmask. Octal input data may lead to a server-side request forgery, remote file inclusion, local file inclusion, and other vulnerabilities. The highest threat from this vulnerability is to data integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-netmask: improper input validation of octal input data", "title": "Vulnerability summary" }, { "category": "other", "text": "The impact of this flaw largely depends on the environment where the affected library is being used. This flaw could be used to redirect an adversary to an exposed, unprotected endpoint. Depending on the functionality of the affected endpoint that could result in a loss of confidentiality, integrity and availability.\nThe affected library is used in Red Hat Advanced Cluster Management for Kubernetes only in the development and build processes. Consequently the severity of this flaw to RHACM is downgraded to low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-28918" }, { "category": "external", "summary": "RHBZ#1944827", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944827" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-28918", "url": "https://www.cve.org/CVERecord?id=CVE-2021-28918" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-28918", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28918" }, { "category": "external", "summary": "https://sick.codes/universal-netmask-npm-package-used-by-270000-projects-vulnerable-to-octal-input-data-server-side-request-forgery-remote-file-inclusion-local-file-inclusion-and-more-cve-2021-28918", "url": "https://sick.codes/universal-netmask-npm-package-used-by-270000-projects-vulnerable-to-octal-input-data-server-side-request-forgery-remote-file-inclusion-local-file-inclusion-and-more-cve-2021-28918" } ], "release_date": "2021-03-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nodejs-netmask: improper input validation of octal input data" }, { "cve": "CVE-2021-29418", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-03-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1944822" } ], "notes": [ { "category": "description", "text": "The netmask package before 2.0.1 for Node.js mishandles certain unexpected characters in an IP address string, such as an octal digit of 9. This (in some situations) allows attackers to bypass access control that is based on IP addresses. NOTE: this issue exists because of an incomplete fix for CVE-2021-28918.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-netmask: incorrectly parses an IP address that has octal integer with invalid character", "title": "Vulnerability summary" }, { "category": "other", "text": "The impact of this flaw largely depends on the environment where the affected library is being used. This flaw could be used to redirect an adversary to an exposed, unprotected endpoint. Depending on the functionality of the affected endpoint that could result in a loss of confidentiality, integrity and availability. The affected library is used in Red Hat Advanced Cluster Management for Kubernetes only in the development and build processes. Consequently the severity of this flaw to RHACM is downgraded to low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-29418" }, { "category": "external", "summary": "RHBZ#1944822", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944822" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-29418", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29418" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29418", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29418" }, { "category": "external", "summary": "https://sick.codes/universal-netmask-npm-package-used-by-270000-projects-vulnerable-to-octal-input-data-server-side-request-forgery-remote-file-inclusion-local-file-inclusion-and-more-cve-2021-28918", "url": "https://sick.codes/universal-netmask-npm-package-used-by-270000-projects-vulnerable-to-octal-input-data-server-side-request-forgery-remote-file-inclusion-local-file-inclusion-and-more-cve-2021-28918" } ], "release_date": "2021-03-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-netmask: incorrectly parses an IP address that has octal integer with invalid character" }, { "cve": "CVE-2021-29477", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-05-05T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1957410" } ], "notes": [ { "category": "description", "text": "A flaw was found in redis. An integer overflow bug could be exploited to corrupt the heap and potentially result with remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "redis: Integer overflow via STRALGO LCS command", "title": "Vulnerability summary" }, { "category": "other", "text": "redis:5/redis as shipped in Red Hat Enterprise Linux 8 is not affected by this flaw because it does not ship a vulnerable version of Redis.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-29477" }, { "category": "external", "summary": "RHBZ#1957410", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957410" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-29477", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29477" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29477", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29477" }, { "category": "external", "summary": "https://github.com/redis/redis/security/advisories/GHSA-vqxj-26vj-996g", "url": "https://github.com/redis/redis/security/advisories/GHSA-vqxj-26vj-996g" } ], "release_date": "2021-05-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" }, { "category": "workaround", "details": "The flaw can be mitigated by disallowing usage of the STRALGO LCS command via ACL configuration. Please see https://redis.io/topics/acl for more information on how to do this.", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "redis: Integer overflow via STRALGO LCS command" }, { "cve": "CVE-2021-29478", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-05-05T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1957414" } ], "notes": [ { "category": "description", "text": "A flaw was found in redis. An integer overflow bug could be exploited to corrupt the heap and potentially result with remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "redis: Integer overflow via COPY command for large intsets", "title": "Vulnerability summary" }, { "category": "other", "text": "redis:6/redis and redis:5/redis shipped in Red Hat Enterprise Linux 8 are not affected by this flaw as they do not ship vulnerable versions of Redis.\n\nThe versions of Redis provided by Red Hat OpenStack Platform are not directly affected by this issue. As a result the impact is lowered and no update will be provided at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-29478" }, { "category": "external", "summary": "RHBZ#1957414", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957414" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-29478", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29478" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29478", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29478" }, { "category": "external", "summary": "https://github.com/redis/redis/security/advisories/GHSA-qh52-crrg-44g3", "url": "https://github.com/redis/redis/security/advisories/GHSA-qh52-crrg-44g3" } ], "release_date": "2021-05-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" }, { "category": "workaround", "details": "The flaw can be mitigated by disallowing usage of the CONFIG SET command via ACL configuration. This will prevent clients from setting the set-max-intset-entries configuration parameter. Please see https://redis.io/topics/acl for more information on how to do this.", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "redis: Integer overflow via COPY command for large intsets" }, { "cve": "CVE-2021-29482", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954368" } ], "notes": [ { "category": "description", "text": "A flaw was found in github.com/ulikunitz/xz. The function readUvarint may not terminate a loop what could lead to denial of service (DoS).", "title": "Vulnerability description" }, { "category": "summary", "text": "ulikunitz/xz: Infinite loop in readUvarint allows for denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are behind OpenShift OAuth authentication, therefore the impact is low.\nIn OCP before 4.7 the buildah, skopeo and podman packages include vulnerable version of github.com/ulikunitz/xz, but these OCP releases are already in the Maintenance Phase of the support, hence affected components are marked as wontfix. This may be fixed in the future.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-29482" }, { "category": "external", "summary": "RHBZ#1954368", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954368" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-29482", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29482" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29482", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29482" } ], "release_date": "2020-08-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "ulikunitz/xz: Infinite loop in readUvarint allows for denial of service" }, { "cve": "CVE-2021-33502", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-05-24T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1964461" } ], "notes": [ { "category": "description", "text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-normalize-url: ReDoS for data URLs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-33502" }, { "category": "external", "summary": "RHBZ#1964461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33502" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539", "url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539" } ], "release_date": "2021-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-normalize-url: ReDoS for data URLs" }, { "cve": "CVE-2021-33623", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-05-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1966615" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-trim-newlines. Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-trim-newlines: ReDoS in .end() method", "title": "Vulnerability summary" }, { "category": "other", "text": "OpenShift Container Platform (OCP) grafana-container does package a vulnerable verison of nodejs trim-newlines. However due to the instance being read only and behind OpenShift OAuth, the impact by this vulnerability is Low. Red Hat Advanced Cluster Management for Kubernetes (ACM) containers affected by this flaw are only accessible to authenticated users, thus the impact of this vulnerability is Low. \nRed Hat Virtualization (RHV) does package a vulnerable version of nodejs-trim-newlines. However, no untrusted content is being parsed therefore the impact of this vulnerability is Low.\n\nThe hosted services are shipped with the vulnerable packages, however the vulnerable methods were not identified in use at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64" ], "known_not_affected": [ "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:68d03077ad365380b4423e8fe98956ff3c98c4730369a9491f054a28d5345760_ppc64le", "7Server-RHACM-2.3:rhacm2/management-ingress-rhel7@sha256:a239b075be62ab938155b2a290df42ca6c87844ec92fc40004eb825e5758df2b_amd64", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:2252b3dd66f893abe0c4d541898d4dcf1a604d4c8f02579209b4f66e0cff51a3_ppc64le", "7Server-RHACM-2.3:rhacm2/memcached-exporter-rhel7@sha256:5fcaf9ae0df678b788e2d274e2d190f33ac0e37eda52144c76bd1e4fcf3b9253_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:70a03a5c0e56055dbf3b29314006c46485f8910f0cfdb38d2882d5fbfe6c7923_amd64", "7Server-RHACM-2.3:rhacm2/thanos-rhel7@sha256:78c66eebdd0c00a178f33378fe78080f8787bfde050df31295189ceb83a7a0d4_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f33a30e43ab5a41a96c905712047077c917b3eb906d8822c2d0f90fec78b2355_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-grafana-rhel8@sha256:f380a665914594ecc817eeeac06eb466cb0c5cb1c42b38a9ec5c2cb8d1323bf6_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:2326578bd8f60d6fd4da911609ab657d783c43104571677a37c2d8b4f879df5b_amd64", "8Base-RHACM-2.3:rhacm2/acm-must-gather-rhel8@sha256:e53aa386ee0e95aaaca27ae5485d2987bd439f638feb6b0504426853344f7593_ppc64le", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:595f4345c97f951c5733879f4d817668b9028805b1f2a158f915c19aa00f392c_amd64", "8Base-RHACM-2.3:rhacm2/acm-operator-bundle@sha256:ab534e92f377074a641c9b95927dd7a2ae535d7609a90a910089dd3f96659650_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:5a2e96226e24bccedc241ed01629d11212799dd2782f194014bb40c78142cde2_ppc64le", "8Base-RHACM-2.3:rhacm2/agent-service-rhel8@sha256:f279015fca7e0a2b4761128f1f63a3cbf8d4aae99fa5ce68ff58afef8a41e8b0_amd64", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:197f313e8925562a67f44a3819522def49c76097e904db071979665e21596914_ppc64le", "8Base-RHACM-2.3:rhacm2/application-ui-rhel8@sha256:cb5a61140e2e1209a350fea42f47dd54c5a6ff7f5d3d4815b498d7c0278190eb_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-agent-rhel8@sha256:86ea30769e1be161d7d35e8e695eaa1adf979e1f111e8efd0832a05c39fa1af7_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:219e2950b67b42b7d0ab47a9701de49459c0e310bb60d5996404e7e2880ee5dc_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-reporter-rhel8@sha256:2f06745bc8167f3e9ab7d707c6a27718dfb42f6d0c978300d44fe91f124edb93_ppc64le", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:05bee8661a60f77908ee1c6ec55b515e8f6d865005a4362f307812bf3e83e6d3_amd64", "8Base-RHACM-2.3:rhacm2/assisted-installer-rhel8@sha256:785d3f57e618c5550d16af5ff7b34b2fc31abcb5639e12affaf3f8b024721e1f_ppc64le", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:4253ccc3b174a60f7f082984061221f1a8194a7fe9ece498727c2d74cbe751af_s390x", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:9135ea82bf6e1e7813a8f860548235eaa55ca56595a87693e6fd69fa01beeb95_amd64", "8Base-RHACM-2.3:rhacm2/cert-policy-controller-rhel8@sha256:ca44f7b42ebab9aa10a14eb9ac5ad779c21af844597fe14e406744e22371a0f0_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:80e0c53aa0d3eeb457ebdb0f25f0e79f12dfcaaf6a484f9e012d053f10195b5c_ppc64le", "8Base-RHACM-2.3:rhacm2/cluster-curator-controller-rhel8@sha256:e401e7252b46d2cb650a432c9014133514ffbfed6d3cb9a4ce27c191b4cfb464_amd64", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:6b44d7751c03e6b52a851f94aba209ed836ba3c78fb4611f27529c59f06811dd_ppc64le", "8Base-RHACM-2.3:rhacm2/clusterlifecycle-state-metrics-rhel8@sha256:a068fb22bcab665d69b0680c9d2ed1ba3778f9841d79ebe61b7b24143c8b7bbc_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:33b8ccd92a36f175394daeb8c4e58562dac3663766bed956886457479e053cf1_amd64", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:9b6f27773595f4b081e04c6c716dde570aa2b28f3b2715616140ba0974dc9146_ppc64le", "8Base-RHACM-2.3:rhacm2/config-policy-controller-rhel8@sha256:acb330f9e7288d77d50a54e765f03fdb0164fa2320d5389cfe67dcc535483102_s390x", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:67f59ba703f92bb8b092d40b3c75df458b796e7b6399806457bbb7a70a2fa351_amd64", "8Base-RHACM-2.3:rhacm2/console-api-rhel8@sha256:7101ea89a454c845b15be7d68f10a37e34a009fbcad2525be9c63b4672e7430a_ppc64le", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:014d992e8986fa3574a4e19b45e23cfad0443e6d7d80d7e1dd23aa30c25e7ee7_amd64", "8Base-RHACM-2.3:rhacm2/console-rhel8@sha256:2f30d0c4403d1656e8b5afd0dbe659c7480c77a4d696a22ea3d07b8c939605f5_ppc64le", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:87b85efd28034795e0274697a2dfac07ca820cad8fae360ac5922bce1ca08dd5_amd64", "8Base-RHACM-2.3:rhacm2/discovery-rhel8-operator@sha256:d178f95cd47d0d834d5e2157718058e4602f280191c7e9e804f4a9a4ff0b2cb8_ppc64le", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:096a68d88614ac8fd42370a9bd25099a6253c5ee119eb0bb71ea7d0131de94b6_amd64", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:1d3bbcb000a09173db11558a586962ce2e10529445ed9c7fb9a1ecf544a444cf_s390x", "8Base-RHACM-2.3:rhacm2/endpoint-monitoring-rhel8-operator@sha256:758ad5aad036bf4268376e198b0176f6c536607ff8cacdf95bc7e5ddc1aa6c78_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:7064d759a005732bd660efa6fc5b506f8f2e161943569a4ba241dd97b48f7fee_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-propagator-rhel8@sha256:d9f770abbcc79d59b379fb3c63bcf86109b8cf88f64a04b7e935fbf129cd2248_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:2889d0aca0b626b88704f20e0abde187c10b7ad40c9b0be759bba9a686301c27_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:77f1d5951dd2fd32454a30d6a7b4ae6a0d3613b146fff2fc0bbbddbf7e35d929_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-spec-sync-rhel8@sha256:8ab9c5db594cf05664bf578e4369ea0cc13c54fb00076d713f9421c9e1bac5f1_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:8f962081fd273b4fc87934f562a18da61f6afb3203c5a2491fce09327f63ce8a_amd64", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:942aed2956244111ea4b53b258dbe49beda99ee073505a07a99d2216e9f2c19a_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-status-sync-rhel8@sha256:b48ed4c19fe1bead0d0353d718976718873beeda08384ffb169adfb54d0a2bb6_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:1d5cf0d59ce619a8378064070b79bc48b4bc939a2f8a4ebc14eb0a88c7ace5bb_ppc64le", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:315ebfc14bf7cdc8372c9d649a67381bd7f5b8ebff5391cc912a3f6ded8da06e_s390x", "8Base-RHACM-2.3:rhacm2/governance-policy-template-sync-rhel8@sha256:560187e90602c5288edd2f9db98608b8a695ca584b2fb75c100a80f71f147b43_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:24a442b037bbf9686e7f6dd555d490f651f71bc242476da51f1d536b38612503_amd64", "8Base-RHACM-2.3:rhacm2/grafana-dashboard-loader-rhel8@sha256:b9c8270ee9116cdb4bdaca3e993cb64a265b9653dc3f4a19a506eefc8057fb86_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:a4fec40e8da777bc18b0b5d590e467fdaaf5522dcb74d5e96422423c0ef949cb_amd64", "8Base-RHACM-2.3:rhacm2/grc-ui-api-rhel8@sha256:b166cb83c9027e06e9872e9858f7b606c98b2666602cdd084bb09d58bffbe658_ppc64le", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:43c03baa265243b17eb6fe74ed0ed8e48a60157fa1178140608bce4f87118a58_amd64", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:81f6a2ca4104035ece531ef10b5b4313dbd89029209a658497bbae803ecd4d93_s390x", "8Base-RHACM-2.3:rhacm2/iam-policy-controller-rhel8@sha256:bf421fa222c64b5676d2474cada71292d8eb18996b89fdb2299eee5c6bcba387_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:7829a355c252efc2cc12896a72c8bb05a8ea616fb920eedeed34e52fef5986a1_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-client-rhel8@sha256:88f97d75834fadedb2e7f7d141355fa471509f6f903c1bccf8c016c2fa0abc10_amd64", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:87b49c5a325dccb4b6c1cc85aaa973184795aaf9ae407186bb3726f1fd4b2fa9_ppc64le", "8Base-RHACM-2.3:rhacm2/insights-metrics-rhel8@sha256:916b1e02f73c1121c6a1b75ffedcbfe325c45df2dd2c9d81cb808bb15b8e7b9e_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:8df1e8302d2332fb83d7c96247bb3f92d07def76bee0006a0065982e29dfe889_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-controller-rhel8@sha256:c6f4abbf90f58aa81efcf17a34bf4ced009a39e616ba070ca85fcfc101fcd586_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:203f403a6a5d6998451cf842ab3ce429859d6f5a7c35ebce83207bfec52a4ab8_amd64", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:2e79b7fa8fe19c034a0deea4e8cc938025eafc7237171e0e879f717cc883a2eb_ppc64le", "8Base-RHACM-2.3:rhacm2/klusterlet-addon-rhel8-operator@sha256:c5971fb87c03c67658d7b3aca083893b7d0eff969f2aa2d96071ff4a21740ffe_s390x", "8Base-RHACM-2.3:rhacm2/klusterlet-operator-bundle@sha256:281fe57deda5c26e8861540513479fa08bc697eb35fb40544abf0fb697a73a16_amd64", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a5395d14d1147afd4a7cb6d20dfac4d40dcedbb395647114401d7e2c8dd7e433_ppc64le", "8Base-RHACM-2.3:rhacm2/kui-web-terminal-rhel8@sha256:a76adc92bcaf01db68b1d3e1d6156343ed9477409c87ec19add2ffd19f216f20_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:8c02e668c5f26c95f68c5b6395425ec6cc5cecbd926899821f84a7069b84202a_amd64", "8Base-RHACM-2.3:rhacm2/managedcluster-import-controller-rhel8@sha256:ef4a8758c40978c5c537d65a621d33262c86ad229008888b3a2557868d2c6c9e_ppc64le", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:517812e65af8b2ac3c5d78a1c2e15826491905dc1d36c7aefa46a6a7a833da84_amd64", "8Base-RHACM-2.3:rhacm2/memcached-rhel8@sha256:f9eb7f4d6c8810ee662686e3c36365d397b2b17b3584e851e312791ac2a55b20_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:0f2dfbaf32b44435969a789f9cf257e7f7b06ac8080336d606a14ed6f10efcb4_ppc64le", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:7eb2f86eccc020b40faba06d79aa848669ac86393d80419f6acd4acc1df80f12_s390x", "8Base-RHACM-2.3:rhacm2/metrics-collector-rhel8@sha256:811221298ca0e6254ccbb2819a6886de2d9d37a23db34b4696bd6cd6fd19a004_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:0b69017e2304f26ea156b9c14f8d75958e841e60b5d4a45b6824f75da2b332f9_amd64", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:1898dcc7d1dc07ac124f59baf93505800841589cebc9486ab99b9aad8d63d840_ppc64le", "8Base-RHACM-2.3:rhacm2/multicloud-manager-rhel8@sha256:86598c130193e2a37f0b89a6757598bc3f6e75e8955a56237f16fbe1bddeb102_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:68920380008e1452f66df706fb29bdc024d4ba8e386fb050b14ab6509fd44974_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-observability-rhel8-operator@sha256:825d8ce5e1991e444b1f7bd9926dd43137ca46613071b8b30ce1dfc648ec8d1b_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:01f5b5906ea3c31b488d2b950caba3000f12b4e22bf686758787ea8d65e09763_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-application-rhel8@sha256:dab68b0ece70a8b60abb670cb4eb6807e6a8092bbc10785ae8f55d448a5ac9b8_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:a710d4b57c738f3425540302874bd0a781d2c80038bf6f5dc3988d35b684b1f3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-channel-rhel8@sha256:f35296ca09810533a6cc14f2ded1f3c35eb8c3c23497768f115cca2f7b001177_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:0bca925ef2f8bb1920f44b6358d8a041237f93316a6d2006ef60bae4d7f10c52_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-deployable-rhel8@sha256:a8f3036383cdbedac0fec39303c169d3948e82b03ebc2fec3f022b8bbb4db234_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:157f8c70f82bbbaf3507babc352329a2a2789efad43f77e8bb2275769e129788_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-placementrule-rhel8@sha256:ff71e2d4fec7494a15c9077d65f49b52010c32810d710611de270031da0016fe_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:336f8eb6acb4a097dee40844a3d4a9244494487dc9055abdded3397408fdd2a3_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-release-rhel8@sha256:482895b556a5cc93911f0822694a668d00ddfdd68f43f9447811b225fc629062_ppc64le", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:24295f8e32d3a5e3a27d8192356193c14f87f77c05fc0d7f53a759ba885e038f_amd64", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:350ab17ec6f16c5a2d49bc995af9b54f374fe2667d81b772d4a0358eee3aa38c_s390x", "8Base-RHACM-2.3:rhacm2/multicluster-operators-subscription-rhel8@sha256:9b1af63e834c89c0a74afacfc993cf74a783e5c7163dda21ad241e79e9438bff_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:5bc3bfb59fc0db3efdd2f86046eb828b7b16383bd54ec4c6a739d1b781857f9c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-repo-rhel8@sha256:e2ad44f26fc5f9777c40df6c923e8a59cde85eeb64c0c8d2b19e0bc2aa96a53f_ppc64le", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:3424ef0fe946fe37258bdcf2ea794881a96e3c75009c69b22c39622923226b3c_amd64", "8Base-RHACM-2.3:rhacm2/multiclusterhub-rhel8@sha256:4a1051e771e8935a788cfb52f5601ac452e138f24505435cfbe3dfabf0136ee9_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e5138bb8f1b1ba7f2bdcb9b697188c005e8c7ecfebc5ede0f6fba232b71127ee_ppc64le", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8-operator@sha256:e6236689b54d87a4de12d93ee69b0e93ec51b0f84e37613346cffeb82b022275_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:24d7b8e78bb2af77ff0e688972ca1f825f38f403fa5e6e4cca4a1ef0c59d8508_amd64", "8Base-RHACM-2.3:rhacm2/observatorium-rhel8@sha256:75733804c717928002827768288d11b9cf0ea542d38b24d66de4f41f85a1684c_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel7@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:28bb7fb21d9d1e9f64efbc3f4a16a7632a4b02f190d437d71a79be346f2f9665_amd64", "8Base-RHACM-2.3:rhacm2/openshift-hive-rhel8@sha256:d08843cef5f9daf75bdbfd53d2a859b747dd350ad275075a0d050be7ebb6225a_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:783d7fe77c0b1df928efeb17d52027fa64c3278d534f2a070b0e5a08c2b9dd8b_ppc64le", "8Base-RHACM-2.3:rhacm2/placement-rhel8@sha256:d17a5c6d1786850df7fd0658b3245dbe13edad794b37e8678b980c3d1fff9416_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:2e1f04f234609c01583d3bfe5d489a1376d5099a3dbb8ecb0e48573dd9c7f041_amd64", "8Base-RHACM-2.3:rhacm2/prometheus-alertmanager-rhel8@sha256:a9e434b3baac0bf1f166dc03256918517041a138b210f9aa91d6cfc573cdada5_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:903599c8028eb211b566dc97bac5d677169f0cd4ddb046ddf6b3dd91aca8019d_ppc64le", "8Base-RHACM-2.3:rhacm2/provider-credential-controller-rhel8@sha256:d7c4326d76dfd47f0231b25cbb88be8f6086e77e2ff82e9fd39098c702eca9a8_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:481e319bf386cc3ac35ff861d998a373e83512f4267438901f9ac46a11be550f_amd64", "8Base-RHACM-2.3:rhacm2/rbac-query-proxy-rhel8@sha256:84e183f047cc82a7be8b17c2c35064455b9bb964f6cb6e85f8ae20c3d3b2dcb0_ppc64le", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:017a0c8c926f8073b68eddd470350b75456c89443a72615a08acc7f2918a6307_amd64", "8Base-RHACM-2.3:rhacm2/redisgraph-tls-rhel8@sha256:47cbef0b7c95d22904b9b8665f04f13bc3a20f93bb7a1bd50bc510652f2ba4a1_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:02d049448f839ed36c33fe534fb6c0e5de3bd7a47b3da937e472da098ee315d7_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:9a86fc7b70340d0c2fd991d472f53b01781e7446d9797c14f2bb9692b2e40a2d_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8-operator@sha256:ccbc0f37a6ccc72dfd9665c87523138ac5d5785fa6101697df6dcea6d0f1b93e_amd64", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:70910e512e4cbd8ec04ad179929ccccf535390cb287cb90a5e31f95e932b6bff_ppc64le", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b028b814c8220e3e364f8ef997c6eefdbfa7f2a6197ac64ca1c3bcacab22a639_s390x", "8Base-RHACM-2.3:rhacm2/registration-rhel8@sha256:b4711655deb239c47233e4359fcbab8990c9bcb468252dda1c6d61d23b402a94_amd64", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:665b2ab9d1080ee0cdd55773790fd206fd9f54752f2504ffe2a481d0f385e77a_ppc64le", "8Base-RHACM-2.3:rhacm2/search-aggregator-rhel8@sha256:e4c31fb4e50ffc4d329e4413942756ce411ff378623dacba412cffdaf203dd04_amd64", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:89abf0bd74c8d195ad7aa1c0e4c877c97e9a097fb9b073c4bf104659328edd98_ppc64le", "8Base-RHACM-2.3:rhacm2/search-api-rhel8@sha256:a2c68cc47b93fa6fa9a7ff6b62d1050e6d51418ad7da89e0250d0990029ea0a8_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:6037283955ab68e15dd2d17053b869b6d4c74ed1185a88142958d77dbd6fa6a7_s390x", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ac2bf0634b53dd935be50c3fbb9b0c96d4a1a81acc71f1a4eaa0b7d7e92f2e5a_amd64", "8Base-RHACM-2.3:rhacm2/search-collector-rhel8@sha256:ca730a30d8edb63e7a6e28db9afd428dc77ebad3555eae3f5ceb3d56b2907ee5_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:98c7f580f6aa3711256712dd66f2853d7206e17cb281dc677ea4d016c93b8361_ppc64le", "8Base-RHACM-2.3:rhacm2/search-rhel8@sha256:a0b2f0bf952b0ea31a4dcff7747a7873d152c56e6024ba6556b8631971c34106_amd64", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:8bb4b3d9d515e19356d1dd7bb4cff0a2d7055da1680f5053d2a0c083d88877bf_ppc64le", "8Base-RHACM-2.3:rhacm2/search-ui-rhel8@sha256:926d64dc19814c658113b6e4690792ae8b0ca6495fc6bc15208ccee4e35faba5_amd64", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:1560c15d06c0aee8860a4c534936606c454db64a378ce4f94e710c8925f0b0d6_ppc64le", "8Base-RHACM-2.3:rhacm2/submariner-addon-rhel8@sha256:812eaced7a55bd801cc82252fdb4b173f0c2f9cd989ee479a251ba8a0ba789f3_amd64", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:81162cdfccc9fc1741ac256f63b2b7982f497117729a975706055140a26a87fc_ppc64le", "8Base-RHACM-2.3:rhacm2/thanos-receive-controller-rhel8@sha256:a5cb69e4a88fa5724d0734d9d98bcf7e4279a60e10c4a750c77a676e0a0a4884_amd64", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:3353ce83ac28f6024afd00f24dd12eeb77f5c56f43cb754aa108339a2685c37d_ppc64le", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ac1b865f3262025f6e430ae64de444f3a4d8aa0baf08ccf643bb8e7f3cbf4bb4_s390x", "8Base-RHACM-2.3:rhacm2/work-rhel8@sha256:ea6b083a6eed02430cab8d48fd7678f1be9f6f2ef87b3057977b38a4381979b9_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-33623" }, { "category": "external", "summary": "RHBZ#1966615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33623", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33623" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33623", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33623" } ], "release_date": "2021-05-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-08-06T00:48:52+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3016" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:238544f1854fddd2e03704ef4857c34a48ad1cb277dedae9611a7fd28de856cf_ppc64le", "8Base-RHACM-2.3:rhacm2/grc-ui-rhel8@sha256:8ee5d53bd32a907295a3b7bc7e0940c1af2bfc37a4bd3c89a17e91745c36977a_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-trim-newlines: ReDoS in .end() method" } ] }
rhsa-2022_6595
Vulnerability from csaf_redhat
Published
2022-09-20 12:27
Modified
2024-11-06 01:39
Summary
Red Hat Security Advisory: nodejs and nodejs-nodemon security and bug fix update
Notes
Topic
An update for nodejs and nodejs-nodemon is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (16.16.0), nodejs-nodemon (2.0.19). (BZ#2124230, BZ#2124233)
Security Fix(es):
* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)
* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* nodejs: npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace (CVE-2022-29244)
* nodejs: DNS rebinding in --inspect via invalid IP addresses (CVE-2022-32212)
* nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding (CVE-2022-32213)
* nodejs: HTTP request smuggling due to improper delimiting of header fields (CVE-2022-32214)
* nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding (CVE-2022-32215)
* got: missing verification of requested URLs allows redirects to UNIX sockets (CVE-2022-33987)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* nodejs:16/nodejs: Rebase to the latest Nodejs 16 release [rhel-9] (BZ#2121019)
* nodejs: Specify --with-default-icu-data-dir when using bootstrap build (BZ#2124299)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for nodejs and nodejs-nodemon is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (16.16.0), nodejs-nodemon (2.0.19). (BZ#2124230, BZ#2124233)\n\nSecurity Fix(es):\n\n* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* nodejs: npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace (CVE-2022-29244)\n\n* nodejs: DNS rebinding in --inspect via invalid IP addresses (CVE-2022-32212)\n\n* nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding (CVE-2022-32213)\n\n* nodejs: HTTP request smuggling due to improper delimiting of header fields (CVE-2022-32214)\n\n* nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding (CVE-2022-32215)\n\n* got: missing verification of requested URLs allows redirects to UNIX sockets (CVE-2022-33987)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* nodejs:16/nodejs: Rebase to the latest Nodejs 16 release [rhel-9] (BZ#2121019)\n\n* nodejs: Specify --with-default-icu-data-dir when using bootstrap build (BZ#2124299)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:6595", "url": "https://access.redhat.com/errata/RHSA-2022:6595" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1907444", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444" }, { "category": "external", "summary": "1945459", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459" }, { "category": "external", "summary": "1964461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461" }, { "category": "external", "summary": "2007557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557" }, { "category": "external", "summary": "2098556", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2098556" }, { "category": "external", "summary": "2102001", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102001" }, { "category": "external", "summary": "2105422", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105422" }, { "category": "external", "summary": "2105426", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105426" }, { "category": "external", "summary": "2105428", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105428" }, { "category": "external", "summary": "2105430", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105430" }, { "category": "external", "summary": "2121019", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2121019" }, { "category": "external", "summary": "2124299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124299" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6595.json" } ], "title": "Red Hat Security Advisory: nodejs and nodejs-nodemon security and bug fix update", "tracking": { "current_release_date": "2024-11-06T01:39:13+00:00", "generator": { "date": "2024-11-06T01:39:13+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2022:6595", "initial_release_date": "2022-09-20T12:27:54+00:00", "revision_history": [ { "date": "2022-09-20T12:27:54+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-09-20T12:27:54+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T01:39:13+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 9)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.16.0-1.el9_0.src", "product": { "name": "nodejs-1:16.16.0-1.el9_0.src", "product_id": "nodejs-1:16.16.0-1.el9_0.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.16.0-1.el9_0?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.19-1.el9_0.src", "product": { "name": "nodejs-nodemon-0:2.0.19-1.el9_0.src", "product_id": "nodejs-nodemon-0:2.0.19-1.el9_0.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.19-1.el9_0?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.16.0-1.el9_0.aarch64", "product": { "name": "nodejs-1:16.16.0-1.el9_0.aarch64", "product_id": "nodejs-1:16.16.0-1.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "product": { "name": "nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "product_id": "nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-1:16.16.0-1.el9_0.aarch64", "product": { "name": "nodejs-libs-1:16.16.0-1.el9_0.aarch64", "product_id": "nodejs-libs-1:16.16.0-1.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "product": { "name": "npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "product_id": "npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.1.el9_0?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "product": { "name": "nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "product_id": "nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "product": { "name": "nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "product_id": "nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "product": { "name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "product_id": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.16.0-1.el9_0?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.16.0-1.el9_0.ppc64le", "product": { "name": "nodejs-1:16.16.0-1.el9_0.ppc64le", "product_id": "nodejs-1:16.16.0-1.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "product": { "name": "nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "product_id": "nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "product": { "name": "nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "product_id": "nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "product": { "name": "npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "product_id": "npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.1.el9_0?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "product": { "name": "nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "product_id": "nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "product": { "name": "nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "product_id": "nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "product": { "name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "product_id": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.16.0-1.el9_0?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.16.0-1.el9_0.x86_64", "product": { "name": "nodejs-1:16.16.0-1.el9_0.x86_64", "product_id": "nodejs-1:16.16.0-1.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "product": { "name": "nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "product_id": "nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-1:16.16.0-1.el9_0.x86_64", "product": { "name": "nodejs-libs-1:16.16.0-1.el9_0.x86_64", "product_id": "nodejs-libs-1:16.16.0-1.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64", "product": { "name": "npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64", "product_id": "npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.1.el9_0?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "product": { "name": "nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "product_id": "nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "product": { "name": "nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "product_id": "nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "product": { "name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "product_id": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.16.0-1.el9_0?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "nodejs-libs-1:16.16.0-1.el9_0.i686", "product": { "name": "nodejs-libs-1:16.16.0-1.el9_0.i686", "product_id": "nodejs-libs-1:16.16.0-1.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs@16.16.0-1.el9_0?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.16.0-1.el9_0.i686", "product": { "name": "nodejs-debugsource-1:16.16.0-1.el9_0.i686", "product_id": "nodejs-debugsource-1:16.16.0-1.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-1.el9_0?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "product": { "name": "nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "product_id": "nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-1.el9_0?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "product": { "name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "product_id": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.16.0-1.el9_0?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.16.0-1.el9_0.s390x", "product": { "name": "nodejs-1:16.16.0-1.el9_0.s390x", "product_id": "nodejs-1:16.16.0-1.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.16.0-1.el9_0?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "product": { "name": "nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "product_id": "nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@16.16.0-1.el9_0?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-1:16.16.0-1.el9_0.s390x", "product": { "name": "nodejs-libs-1:16.16.0-1.el9_0.s390x", "product_id": "nodejs-libs-1:16.16.0-1.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs@16.16.0-1.el9_0?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "product": { "name": "npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "product_id": "npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.11.0-1.16.16.0.1.el9_0?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "product": { "name": "nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "product_id": "nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.16.0-1.el9_0?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "product": { "name": "nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "product_id": "nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.16.0-1.el9_0?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "product": { "name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "product_id": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-libs-debuginfo@16.16.0-1.el9_0?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nodejs-docs-1:16.16.0-1.el9_0.noarch", "product": { "name": "nodejs-docs-1:16.16.0-1.el9_0.noarch", "product_id": "nodejs-docs-1:16.16.0-1.el9_0.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-docs@16.16.0-1.el9_0?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "product": { "name": "nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "product_id": "nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.19-1.el9_0?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64" }, "product_reference": "nodejs-1:16.16.0-1.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le" }, "product_reference": "nodejs-1:16.16.0-1.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x" }, "product_reference": "nodejs-1:16.16.0-1.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.16.0-1.el9_0.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src" }, "product_reference": "nodejs-1:16.16.0-1.el9_0.src", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64" }, "product_reference": "nodejs-1:16.16.0-1.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64" }, "product_reference": "nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.16.0-1.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686" }, "product_reference": "nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le" }, "product_reference": "nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x" }, "product_reference": "nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64" }, "product_reference": "nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64" }, "product_reference": "nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.16.0-1.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686" }, "product_reference": "nodejs-debugsource-1:16.16.0-1.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le" }, "product_reference": "nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x" }, "product_reference": "nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64" }, "product_reference": "nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-docs-1:16.16.0-1.el9_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch" }, "product_reference": "nodejs-docs-1:16.16.0-1.el9_0.noarch", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64" }, "product_reference": "nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le" }, "product_reference": "nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x" }, "product_reference": "nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64" }, "product_reference": "nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64" }, "product_reference": "nodejs-libs-1:16.16.0-1.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-1:16.16.0-1.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686" }, "product_reference": "nodejs-libs-1:16.16.0-1.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le" }, "product_reference": "nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x" }, "product_reference": "nodejs-libs-1:16.16.0-1.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64" }, "product_reference": "nodejs-libs-1:16.16.0-1.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64" }, "product_reference": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686" }, "product_reference": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le" }, "product_reference": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x" }, "product_reference": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64" }, "product_reference": "nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.19-1.el9_0.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch" }, "product_reference": "nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.19-1.el9_0.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" }, "product_reference": "nodejs-nodemon-0:2.0.19-1.el9_0.src", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64" }, "product_reference": "npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le" }, "product_reference": "npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.11.0-1.16.16.0.1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x" }, "product_reference": "npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" }, "product_reference": "npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.MAIN.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-7788", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-12-11T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1907444" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-ini. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ini: Prototype pollution via malicious INI file", "title": "Vulnerability summary" }, { "category": "other", "text": "Node.JS packages in Red Hat Enterprise Linux and Red Hat Software Collections included the vulnerable dependency packaged in \"nodejs-npm\" component. Processing malicious files using npm could potentially trigger this vulnerability. The \"ini\" package bundled with npm was not in the library path where it could be included directly in other programs.\n\nThe nodejs-nodemon packages in Red Hat Enterprise Linux and Red Hat Software Collections are affected by this vulnerability as they bundle the nodejs-ini library. Usage of that library is governed by nodemon itself, so applications started by nodemon are not impacted. Further, nodemon is a developer tool not intended to be used in production.\n\nThe ini package is included in Red Hat Quay by protractor and webpack-cli, both of which are dev dependencies.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ], "known_not_affected": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-7788" }, { "category": "external", "summary": "RHBZ#1907444", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7788", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7788" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788" } ], "release_date": "2020-12-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-09-20T12:27:54+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:6595" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-ini: Prototype pollution via malicious INI file" }, { "cve": "CVE-2020-28469", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-01T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1945459" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent function. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-glob-parent: Regular expression denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "While some components do package a vulnerable version of glob-parent, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM)\n - Red Hat Advanced Cluster Management for Kubernetes (RHACM)\n - OpenShift distributed tracing", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ], "known_not_affected": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-28469" }, { "category": "external", "summary": "RHBZ#1945459", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28469", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28469" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905", "url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905" } ], "release_date": "2021-01-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-09-20T12:27:54+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:6595" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-glob-parent: Regular expression denial of service" }, { "cve": "CVE-2021-3807", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-09-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2007557" } ], "notes": [ { "category": "description", "text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ], "known_not_affected": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3807" }, { "category": "external", "summary": "RHBZ#2007557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3807" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" }, { "category": "external", "summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994", "url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994" } ], "release_date": "2021-09-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-09-20T12:27:54+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:6595" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes" }, { "cve": "CVE-2021-33502", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-05-24T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1964461" } ], "notes": [ { "category": "description", "text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-normalize-url: ReDoS for data URLs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ], "known_not_affected": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-33502" }, { "category": "external", "summary": "RHBZ#1964461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33502" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539", "url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539" } ], "release_date": "2021-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-09-20T12:27:54+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:6595" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-normalize-url: ReDoS for data URLs" }, { "cve": "CVE-2022-29244", "cwe": { "id": "CWE-212", "name": "Improper Removal of Sensitive Information Before Storage or Transfer" }, "discovery_date": "2022-06-20T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2098556" } ], "notes": [ { "category": "description", "text": "A flaw was found in npm. This security issue occurs because the npm pack ignores root-level \".gitignore\" and \".npmignore\" file exclusion directives when run in a workspace or with a workspace flag (for example, --workspaces, --workspace=\u003cname\u003e). Anyone who has run \u0027npm pack\u0027 or \u0027npm publish\u0027 inside a workspace has published files into the npm registry they did not intend to include. This flaw exposes sensitive information to an unauthorized user or an attacker.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ], "known_not_affected": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-29244" }, { "category": "external", "summary": "RHBZ#2098556", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2098556" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-29244", "url": "https://www.cve.org/CVERecord?id=CVE-2022-29244" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29244", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29244" }, { "category": "external", "summary": "https://github.com/npm/cli/security/advisories/GHSA-hj9c-8jmm-8c52", "url": "https://github.com/npm/cli/security/advisories/GHSA-hj9c-8jmm-8c52" } ], "release_date": "2022-06-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-09-20T12:27:54+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:6595" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace" }, { "acknowledgments": [ { "names": [ "Axel Chong" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2022-32212", "cwe": { "id": "CWE-703", "name": "Improper Check or Handling of Exceptional Conditions" }, "discovery_date": "2022-07-08T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2105422" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in NodeJS, where the IsAllowedHost check can be easily bypassed because IsIPAddress does not properly check if an IP address is invalid or not. When an invalid IPv4 address is provided (for instance, 10.0.2.555 is provided), browsers (such as Firefox) will make DNS requests to the DNS server. This issue provides a vector for an attacker-controlled DNS server or a Man-in-the-middle attack (MITM) who can spoof DNS responses to perform a rebinding attack and then connect to the WebSocket debugger allowing for arbitrary code execution on the target system.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: DNS rebinding in --inspect via invalid IP addresses", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is a bypass of CVE-2021-22884.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ], "known_not_affected": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-32212" }, { "category": "external", "summary": "RHBZ#2105422", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105422" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32212", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32212" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32212", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32212" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/" } ], "release_date": "2022-07-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-09-20T12:27:54+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:6595" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: DNS rebinding in --inspect via invalid IP addresses" }, { "acknowledgments": [ { "names": [ "Zeyu Zhang" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2022-32213", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2022-07-08T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2105430" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in NodeJS due to improper validation of HTTP requests. The llhttp parser in the http module does not correctly parse and validate Transfer-Encoding headers. This issue can lead to HTTP Request Smuggling (HRS), causing web cache poisoning, and conducting XSS attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ], "known_not_affected": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-32213" }, { "category": "external", "summary": "RHBZ#2105430", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105430" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32213", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32213" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32213", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32213" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/" } ], "release_date": "2022-07-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-09-20T12:27:54+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:6595" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding" }, { "acknowledgments": [ { "names": [ "Zeyu Zhang" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2022-32214", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2022-07-08T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2105428" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in NodeJS due to the llhttp parser in the http module not strictly using the CRLF sequence to delimit HTTP requests. This issue can lead to HTTP Request Smuggling (HRS). This flaw allows an attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers, causing web cache poisoning, and conducting XSS attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: HTTP request smuggling due to improper delimiting of header fields", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ], "known_not_affected": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-32214" }, { "category": "external", "summary": "RHBZ#2105428", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105428" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32214", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32214" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32214", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32214" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/" } ], "release_date": "2022-07-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-09-20T12:27:54+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:6595" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: HTTP request smuggling due to improper delimiting of header fields" }, { "acknowledgments": [ { "names": [ "Zeyu Zhang" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2022-32215", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2022-07-08T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2105426" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in NodeJS due to the llhttp parser in the HTTP module incorrectly handling multi-line Transfer-Encoding headers. This issue can lead to HTTP Request Smuggling (HRS). This flaw allows a remote attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers, causing web cache poisoning, and conducting XSS attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ], "known_not_affected": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-32215" }, { "category": "external", "summary": "RHBZ#2105426", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105426" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32215", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32215" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32215", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32215" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/" } ], "release_date": "2022-07-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-09-20T12:27:54+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:6595" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding" }, { "cve": "CVE-2022-33987", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2022-06-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2102001" } ], "notes": [ { "category": "description", "text": "A flaw was found in the `got` package for node.js. Requested URLs are not verified and allow open redirection to a local UNIX socket.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets", "title": "Vulnerability summary" }, { "category": "other", "text": "As got is only a transitive dependency of a development dependency of kiali OpenShift Service Mesh as well as being removed in version 2.2+, this flaw will not be fixed at this time for the openshift-istio-kiali-rhel8-container.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ], "known_not_affected": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.src", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-debugsource-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-docs-1:16.16.0-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-full-i18n-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.i686", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-libs-debuginfo-1:16.16.0-1.el9_0.x86_64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.aarch64", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.ppc64le", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.s390x", "AppStream-9.0.0.Z.MAIN.EUS:npm-1:8.11.0-1.16.16.0.1.el9_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-33987" }, { "category": "external", "summary": "RHBZ#2102001", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102001" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-33987", "url": "https://www.cve.org/CVERecord?id=CVE-2022-33987" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-33987", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33987" }, { "category": "external", "summary": "https://github.com/sindresorhus/got/pull/2047", "url": "https://github.com/sindresorhus/got/pull/2047" }, { "category": "external", "summary": "https://github.com/sindresorhus/got/releases/tag/v11.8.5", "url": "https://github.com/sindresorhus/got/releases/tag/v11.8.5" } ], "release_date": "2022-06-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-09-20T12:27:54+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:6595" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.noarch", "AppStream-9.0.0.Z.MAIN.EUS:nodejs-nodemon-0:2.0.19-1.el9_0.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets" } ] }
rhsa-2021_5171
Vulnerability from csaf_redhat
Published
2021-12-16 17:21
Modified
2024-11-06 00:16
Summary
Red Hat Security Advisory: nodejs:16 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (16.13.1), nodejs-nodemon (2.0.15). (BZ#2027610)
Security Fix(es):
* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)
* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)
* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)
* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (16.13.1), nodejs-nodemon (2.0.15). (BZ#2027610)\n\nSecurity Fix(es):\n\n* nodejs-json-schema: Prototype pollution vulnerability (CVE-2021-3918)\n\n* nodejs-ini: Prototype pollution via malicious INI file (CVE-2020-7788)\n\n* nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469)\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* llhttp: HTTP Request Smuggling due to spaces in headers (CVE-2021-22959)\n\n* llhttp: HTTP Request Smuggling when parsing the body of chunked requests (CVE-2021-22960)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5171", "url": "https://access.redhat.com/errata/RHSA-2021:5171" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1907444", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444" }, { "category": "external", "summary": "1945459", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459" }, { "category": "external", "summary": "1964461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461" }, { "category": "external", "summary": "2007557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557" }, { "category": "external", "summary": "2014057", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057" }, { "category": "external", "summary": "2014059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059" }, { "category": "external", "summary": "2024702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5171.json" } ], "title": "Red Hat Security Advisory: nodejs:16 security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-06T00:16:30+00:00", "generator": { "date": "2024-11-06T00:16:30+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2021:5171", "initial_release_date": "2021-12-16T17:21:31+00:00", "revision_history": [ { "date": "2021-12-16T17:21:31+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-16T17:21:31+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T00:16:30+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nodejs:16:8050020211206113934:c5368500", "product": { "name": "nodejs:16:8050020211206113934:c5368500", "product_id": "nodejs:16:8050020211206113934:c5368500", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/nodejs@16:8050020211206113934:c5368500" } } }, { "category": "product_version", "name": "nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "product": { "name": "nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "product_id": "nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-docs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "product": { "name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.5.0%2B13548%2B45d748af?arch=noarch" } } }, { "category": "product_version", "name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "product": { "name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "product_id": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@25-1.module%2Bel8.5.0%2B10992%2Bfac5fe06?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "product": { "name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "product_id": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "product": { "name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "product_id": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "product": { "name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "product_id": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "product": { "name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "product_id": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "product": { "name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "product_id": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "product": { "name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "product_id": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.1.2-1.16.13.1.3.module%2Bel8.5.0%2B13548%2B45d748af?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "product": { "name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "product_id": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "product": { "name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "product_id": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.15-1.module%2Bel8.5.0%2B13548%2B45d748af?arch=src" } } }, { "category": "product_version", "name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "product": { "name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "product_id": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@25-1.module%2Bel8.5.0%2B10992%2Bfac5fe06?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "product": { "name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "product_id": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "product": { "name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "product_id": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "product": { "name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "product_id": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "product": { "name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "product_id": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "product": { "name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "product_id": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64", "product": { "name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64", "product_id": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.1.2-1.16.13.1.3.module%2Bel8.5.0%2B13548%2B45d748af?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "product": { "name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "product_id": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "product": { "name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "product_id": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "product": { "name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "product_id": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "product": { "name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "product_id": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "product": { "name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "product_id": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "product": { "name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "product_id": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.1.2-1.16.13.1.3.module%2Bel8.5.0%2B13548%2B45d748af?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "product": { "name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "product_id": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "product": { "name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "product_id": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "product": { "name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "product_id": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "product": { "name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "product_id": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "product": { "name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "product_id": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@16.13.1-3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "product": { "name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "product_id": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@8.1.2-1.16.13.1.3.module%2Bel8.5.0%2B13548%2B45d748af?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, "product_reference": "nodejs:16:8050020211206113934:c5368500", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64" }, "product_reference": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le" }, "product_reference": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x" }, "product_reference": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src" }, "product_reference": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64" }, "product_reference": "nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64" }, "product_reference": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le" }, "product_reference": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x" }, "product_reference": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64" }, "product_reference": "nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64" }, "product_reference": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le" }, "product_reference": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x" }, "product_reference": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64" }, "product_reference": "nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64" }, "product_reference": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le" }, "product_reference": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x" }, "product_reference": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64" }, "product_reference": "nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch" }, "product_reference": "nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64" }, "product_reference": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le" }, "product_reference": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x" }, "product_reference": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64" }, "product_reference": "nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch" }, "product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src" }, "product_reference": "nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch" }, "product_reference": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src" }, "product_reference": "nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64" }, "product_reference": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le" }, "product_reference": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x" }, "product_reference": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64 as a component of nodejs:16:8050020211206113934:c5368500 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" }, "product_reference": "npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64", "relates_to_product_reference": "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-7788", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-12-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1907444" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-ini. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ini: Prototype pollution via malicious INI file", "title": "Vulnerability summary" }, { "category": "other", "text": "Node.JS packages in Red Hat Enterprise Linux and Red Hat Software Collections included the vulnerable dependency packaged in \"nodejs-npm\" component. Processing malicious files using npm could potentially trigger this vulnerability. The \"ini\" package bundled with npm was not in the library path where it could be included directly in other programs.\n\nThe nodejs-nodemon packages in Red Hat Enterprise Linux and Red Hat Software Collections are affected by this vulnerability as they bundle the nodejs-ini library. Usage of that library is governed by nodemon itself, so applications started by nodemon are not impacted. Further, nodemon is a developer tool not intended to be used in production.\n\nThe ini package is included in Red Hat Quay by protractor and webpack-cli, both of which are dev dependencies.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-7788" }, { "category": "external", "summary": "RHBZ#1907444", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907444" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7788", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7788" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7788" } ], "release_date": "2020-12-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-16T17:21:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5171" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-ini: Prototype pollution via malicious INI file" }, { "cve": "CVE-2020-28469", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1945459" } ], "notes": [ { "category": "description", "text": "A flaw was found in nodejs-glob-parent. The enclosure regex used to check for glob enclosures containing backslashes is vulnerable to Regular Expression Denial of Service attacks. This flaw allows an attacker to cause a denial of service if they can supply a malicious string to the glob-parent function. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-glob-parent: Regular expression denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "While some components do package a vulnerable version of glob-parent, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM)\n - Red Hat Advanced Cluster Management for Kubernetes (RHACM)\n - OpenShift distributed tracing", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-28469" }, { "category": "external", "summary": "RHBZ#1945459", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945459" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28469", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28469" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28469" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905", "url": "https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905" } ], "release_date": "2021-01-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-16T17:21:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5171" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs-glob-parent: Regular expression denial of service" }, { "cve": "CVE-2021-3807", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-09-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2007557" } ], "notes": [ { "category": "description", "text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src" ], "known_not_affected": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3807" }, { "category": "external", "summary": "RHBZ#2007557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3807" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807" }, { "category": "external", "summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994", "url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994" } ], "release_date": "2021-09-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-16T17:21:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5171" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes" }, { "cve": "CVE-2021-3918", "cwe": { "id": "CWE-915", "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes" }, "discovery_date": "2021-11-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2024702" } ], "notes": [ { "category": "description", "text": "The json-schema Node.JS library was vulnerable to prototype pollution during the validation of a JSON object. An attacker, able to provide a specially crafted JSON file for validation, could use this flaw to modify the behavior of the node program, to, for example, execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-json-schema: Prototype pollution vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "npm versions 8.0.0 and older provide a vulnerable version of the json-schema library. However, it is currently believed that in the context of npm, it is not possible to take advantage of the vulnerability.\n\nRed Hat Enterprise Linux version 8 and Software Collections provide a vulnerable version of the json-schema library only as embedded in the npm package. As a result, the severity of the incident has been lowered for these 2 products.\n\nRed Hat Quay includes json-schema as a development dependency of quay-registry-container. As a result, the impact rating has been lowered to Moderate.\n\nIn Red Hat OpenShift Container Platform (RHOCP), Red Hat Openshift Data Foundations (ODF), Red Hat distributed tracing, Migration Toolkit for Virtualization (MTV) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are behind OpenShift OAuth. This restricts access to the vulnerable json-schema library to authenticated users only, therefore the impact is reduced to Moderate.\n\nIn Red Hat Openshift Data Foundations (ODF) the odf4/mcg-core-rhel8 component has \"Will not fix status\", but starting from ODF 4.11 stream this component contains already patched version of the json-schema library. Earlier version of ODF are already under Maintenance Support phase, hence this vulnerability will not be fixed.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3918" }, { "category": "external", "summary": "RHBZ#2024702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3918", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3918" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3918" } ], "release_date": "2021-10-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-16T17:21:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5171" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-json-schema: Prototype pollution vulnerability" }, { "cve": "CVE-2021-22959", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2021-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2014057" } ], "notes": [ { "category": "description", "text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. Spaces as part of the header names were accepted as valid. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "llhttp: HTTP Request Smuggling due to spaces in headers", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-22959" }, { "category": "external", "summary": "RHBZ#2014057", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014057" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-22959", "url": "https://www.cve.org/CVERecord?id=CVE-2021-22959" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22959" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/" } ], "release_date": "2021-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-16T17:21:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5171" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "llhttp: HTTP Request Smuggling due to spaces in headers" }, { "cve": "CVE-2021-22960", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2021-10-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2014059" } ], "notes": [ { "category": "description", "text": "An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. During the parsing of chunked messages, the chunk size parameter was not validated properly. In situations where HTTP conversations are being proxied (such as proxy, reverse-proxy, load-balancer), an attacker can use this flaw to inject arbitrary messages through the proxy. The highest threat from this vulnerability is to confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-22960" }, { "category": "external", "summary": "RHBZ#2014059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014059" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-22960", "url": "https://www.cve.org/CVERecord?id=CVE-2021-22960" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22960" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/oct-2021-security-releases/" } ], "release_date": "2021-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-16T17:21:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5171" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "llhttp: HTTP Request Smuggling when parsing the body of chunked requests" }, { "cve": "CVE-2021-33502", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-05-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1964461" } ], "notes": [ { "category": "description", "text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-normalize-url: ReDoS for data URLs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-33502" }, { "category": "external", "summary": "RHBZ#1964461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33502" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539", "url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539" } ], "release_date": "2021-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-16T17:21:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5171" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debuginfo-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-debugsource-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-devel-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-docs-1:16.13.1-3.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-full-i18n-1:16.13.1-3.module+el8.5.0+13548+45d748af.x86_64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-nodemon-0:2.0.15-1.module+el8.5.0+13548+45d748af.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.noarch", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:nodejs-packaging-0:25-1.module+el8.5.0+10992+fac5fe06.src", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.aarch64", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.ppc64le", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.s390x", "AppStream-8.5.0.Z.MAIN:nodejs:16:8050020211206113934:c5368500:npm-1:8.1.2-1.16.13.1.3.module+el8.5.0+13548+45d748af.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-normalize-url: ReDoS for data URLs" } ] }
rhsa-2021_2931
Vulnerability from csaf_redhat
Published
2021-07-28 08:36
Modified
2024-11-05 23:48
Summary
Red Hat Security Advisory: rh-nodejs12-nodejs and rh-nodejs12-nodejs-nodemon security update
Notes
Topic
An update for rh-nodejs12-nodejs and rh-nodejs12-nodejs-nodemon is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: rh-nodejs12-nodejs (12.22.2).
Security Fix(es):
* nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl() (CVE-2021-23362)
* nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode (CVE-2021-27290)
* normalize-url: ReDoS for data URLs (CVE-2021-33502)
* libuv: out-of-bounds read in uv__idna_toascii() can lead to information disclosures or crashes (CVE-2021-22918)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* ECDHE ciphers missing in rh-nodejs12 (BZ#1942592)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for rh-nodejs12-nodejs and rh-nodejs12-nodejs-nodemon is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: rh-nodejs12-nodejs (12.22.2).\n\nSecurity Fix(es):\n\n* nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl() (CVE-2021-23362)\n\n* nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode (CVE-2021-27290)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* libuv: out-of-bounds read in uv__idna_toascii() can lead to information disclosures or crashes (CVE-2021-22918)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* ECDHE ciphers missing in rh-nodejs12 (BZ#1942592)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:2931", "url": "https://access.redhat.com/errata/RHSA-2021:2931" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1941471", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941471" }, { "category": "external", "summary": "1942592", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942592" }, { "category": "external", "summary": "1943208", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943208" }, { "category": "external", "summary": "1964461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461" }, { "category": "external", "summary": "1979338", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1979338" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2931.json" } ], "title": "Red Hat Security Advisory: rh-nodejs12-nodejs and rh-nodejs12-nodejs-nodemon security update", "tracking": { "current_release_date": "2024-11-05T23:48:00+00:00", "generator": { "date": "2024-11-05T23:48:00+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2021:2931", "initial_release_date": "2021-07-28T08:36:10+00:00", "revision_history": [ { "date": "2021-07-28T08:36:10+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-07-28T08:36:10+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T23:48:00+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } } ], "category": "product_family", "name": "Red Hat Software Collections" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "product": { "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "product_id": "rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs12-nodejs@12.22.2-1.el7?arch=src" } } }, { "category": "product_version", "name": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "product": { "name": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "product_id": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs12-nodejs-nodemon@2.0.3-2.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "product": { "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "product_id": "rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs12-nodejs@12.22.2-1.el7?arch=x86_64" } } }, { "category": "product_version", "name": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "product": { "name": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "product_id": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs12-nodejs-devel@12.22.2-1.el7?arch=x86_64" } } }, { "category": "product_version", "name": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "product": { "name": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "product_id": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs12-npm@6.14.13-12.22.2.1.el7?arch=x86_64" } } }, { "category": "product_version", "name": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "product": { "name": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "product_id": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs12-nodejs-debuginfo@12.22.2-1.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "product": { "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "product_id": "rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs12-nodejs@12.22.2-1.el7?arch=s390x" } } }, { "category": "product_version", "name": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "product": { "name": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "product_id": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs12-nodejs-devel@12.22.2-1.el7?arch=s390x" } } }, { "category": "product_version", "name": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "product": { "name": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "product_id": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs12-npm@6.14.13-12.22.2.1.el7?arch=s390x" } } }, { "category": "product_version", "name": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "product": { "name": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "product_id": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs12-nodejs-debuginfo@12.22.2-1.el7?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "product": { "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "product_id": "rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs12-nodejs@12.22.2-1.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "product": { "name": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "product_id": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs12-nodejs-devel@12.22.2-1.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "product": { "name": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "product_id": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs12-npm@6.14.13-12.22.2.1.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "product": { "name": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "product_id": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs12-nodejs-debuginfo@12.22.2-1.el7?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "product": { "name": "rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "product_id": "rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs12-nodejs-docs@12.22.2-1.el7?arch=noarch" } } }, { "category": "product_version", "name": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "product": { "name": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "product_id": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs12-nodejs-nodemon@2.0.3-2.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x" }, "product_reference": "rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.src" }, "product_reference": "rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64" }, "product_reference": "rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x" }, "product_reference": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64" }, "product_reference": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x" }, "product_reference": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64" }, "product_reference": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch" }, "product_reference": "rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch" }, "product_reference": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src" }, "product_reference": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le" }, "product_reference": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x" }, "product_reference": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7)", "product_id": "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64" }, "product_reference": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7-7.7.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x" }, "product_reference": "rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src" }, "product_reference": "rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64" }, "product_reference": "rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x" }, "product_reference": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64" }, "product_reference": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x" }, "product_reference": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64" }, "product_reference": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch" }, "product_reference": "rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch" }, "product_reference": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src" }, "product_reference": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le" }, "product_reference": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x" }, "product_reference": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64" }, "product_reference": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x" }, "product_reference": "rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src" }, "product_reference": "rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64" }, "product_reference": "rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x" }, "product_reference": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64" }, "product_reference": "rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le" }, "product_reference": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x" }, "product_reference": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64" }, "product_reference": "rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch" }, "product_reference": "rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch" }, "product_reference": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src" }, "product_reference": "rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le" }, "product_reference": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x" }, "product_reference": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.7" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64" }, "product_reference": "rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.7" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-22918", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2021-07-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1979338" } ], "notes": [ { "category": "description", "text": "A flaw has been found in libuv. Node.js is vulnerable to out-of-bounds read in libuv\u0027s uv__idna_toascii() function which is used to convert strings to ASCII which is called by Node\u0027s DNS module\u0027s lookup() function and can lead to information disclosures or crashes. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "libuv: out-of-bounds read in uv__idna_toascii() can lead to information disclosures or crashes", "title": "Vulnerability summary" }, { "category": "other", "text": "As distributed by Red Hat, a maximum of 3 bytes out of bound can be read. This would not be sufficient to crash nodejs or other applications using libuv, unless it was recompiled using an address sanitizer. The memory disclosure is also very limited.\n\nRed Hat Quay version 3.5 does not ship nodejs. Red Hat Quay version 3.4 consumes the nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because they don\u0027t use nodejs as a HTTP server.\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-22918" }, { "category": "external", "summary": "RHBZ#1979338", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1979338" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-22918", "url": "https://www.cve.org/CVERecord?id=CVE-2021-22918" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-22918", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22918" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/" } ], "release_date": "2021-07-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-07-28T08:36:10+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2931" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "libuv: out-of-bounds read in uv__idna_toascii() can lead to information disclosures or crashes" }, { "cve": "CVE-2021-23362", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1943208" } ], "notes": [ { "category": "description", "text": "A regular expression denial of service vulnerability was found in hosted-git-info. If an application allows user input into the affected regular expression (regexp) function, `shortcutMatch` or `fromUrl`, then an attacker could craft a regexp which takes an ever increasing amount of time to process, potentially resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()", "title": "Vulnerability summary" }, { "category": "other", "text": "While some components do package a vulnerable version of hosted-git-info, access to them requires OpenShift OAuth credentials and hence have been marked with a Low impact. This applies to the following products:\n - OpenShift Container Platform (OCP)\n - OpenShift ServiceMesh (OSSM)\n - Red Hat Advanced Cluster Management for Kubernetes (RHACM)\n\nSpecifically the following components:\n - The OCP hive-container does ship the vulnerable component, however since OCP 4.6 the Metering product has been deprecated [1], set as wont-fix and may be fixed in a future release.\n\nRed Hat Ceph Storage (RHCS) 4 packages a version of nodejs-hosted-git-info which is vulnerable to this flaw in the grafana-container shipped with it. \n\nRed Hat Quay includes hosted-git-info as a dependency of karma-coverage which is only used at development time. The hosted-git-info library is not used at runtime so the impact is low for Red Hat Quay.\n\nRed Hat Virtualization includes a vulnerable version of hosted-git-info, however it is only used during development. The hosted-git-info library is not used at runtime thus impact is rated Low and marked as \"wontfix\" at this time. Future updates may address this flaw.\n\n[1] - https://access.redhat.com/solutions/5707561", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23362" }, { "category": "external", "summary": "RHBZ#1943208", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943208" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23362", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23362" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23362", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23362" } ], "release_date": "2021-03-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-07-28T08:36:10+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2931" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl()" }, { "cve": "CVE-2021-27290", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2021-03-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1941471" } ], "notes": [ { "category": "description", "text": "A flaw was found in ssri package. A malicious string provided by an attacker may lead to Regular Expression Denial of Service (ReDoS). This issue only affects consumers\r\nusing the strict option. The highest threat from this vulnerability is to availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode", "title": "Vulnerability summary" }, { "category": "other", "text": "Whilst the OpenShift ServiceMesh (OSSM) servicemesh-grafana and servicemesh-prometheus include the vulnerable ssri library, the vulnerable \"strict\" option is not used. Similar to OSSM, OpenShift Container Platform (OCP), Red Hat Advance Cluster Management for Kubernetes (RHACM) and OpenShift distributed tracing components include the vulnerable ssri library but the \"strict\" option is not used. Additionally access to the vulnerable library is protected by OpenShift OAuth what reducing impact by this flaw to LOW. Therefore these OSSM, OCP, RHACM and OpenShift distributed tracing components have been marked as wont-fix and may be addressed in a future updates.\n\nRed Hat Virtualization includes ssri in cockpit-ovirt, ovirt-web-ui and ovirt-engine-ui-extensions, but the vulnerable \"strict\" option is not used. Additionally access to the vulnerable library is protected by RHV authentication. Therefore the impact of this flaw for RHV has been reduced to LOW and components have been marked as wont-fix and may be addressed in a future update.\n\nRed Hat Quay includes ssri as a dependency of webpack which is only used at build time. The library is not used at runtime, reducing the impact of this vulnerability to low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-27290" }, { "category": "external", "summary": "RHBZ#1941471", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941471" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-27290", "url": "https://www.cve.org/CVERecord?id=CVE-2021-27290" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-27290", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27290" } ], "release_date": "2021-03-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-07-28T08:36:10+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2931" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode" }, { "cve": "CVE-2021-33502", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-05-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1964461" } ], "notes": [ { "category": "description", "text": "A flaw was found in normalize-url. Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-normalize-url: ReDoS for data URLs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-33502" }, { "category": "external", "summary": "RHBZ#1964461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964461" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33502", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33502" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539", "url": "https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539" } ], "release_date": "2021-05-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-07-28T08:36:10+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:2931" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7-7.7.Z:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Server-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Server-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-debuginfo-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-devel-0:12.22.2-1.el7.x86_64", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-docs-0:12.22.2-1.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.noarch", "7Workstation-RHSCL-3.7:rh-nodejs12-nodejs-nodemon-0:2.0.3-2.el7.src", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.ppc64le", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.s390x", "7Workstation-RHSCL-3.7:rh-nodejs12-npm-0:6.14.13-12.22.2.1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-normalize-url: ReDoS for data URLs" } ] }
wid-sec-w-2023-0857
Vulnerability from csaf_certbund
Published
2022-05-24 22:00
Modified
2023-04-04 22:00
Summary
IBM QRadar SIEM: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Programmcode auszuführen, einen Denial of Service Zustand herbeizuführen, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Linux
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0857 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-0857.json" }, { "category": "self", "summary": "WID-SEC-2023-0857 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0857" }, { "category": "external", "summary": "IBM Security Bulletin 6980799 vom 2023-04-04", "url": "https://www.ibm.com/support/pages/node/6980799" }, { "category": "external", "summary": "IBM Security Bulletin: 6589583 vom 2022-05-24", "url": "https://www.ibm.com/support/pages/node/6589583" }, { "category": "external", "summary": "IBM Security Bulletin: 6589583 vom 2022-05-24", "url": "https://www.ibm.com/support/pages/node/6589581" } ], "source_lang": "en-US", "title": "IBM QRadar SIEM: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-04-04T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:22:16.228+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-0857", "initial_release_date": "2022-05-24T22:00:00.000+00:00", "revision_history": [ { "date": "2022-05-24T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-04-04T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von IBM aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM QRadar SIEM", "product": { "name": "IBM QRadar SIEM", "product_id": "T021415", "product_identification_helper": { "cpe": "cpe:/a:ibm:qradar_siem:-" } } } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-15168", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T021415" ] }, "release_date": "2022-05-24T22:00:00Z", "title": "CVE-2020-15168" }, { "cve": "CVE-2020-24025", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T021415" ] }, "release_date": "2022-05-24T22:00:00Z", "title": "CVE-2020-24025" }, { "cve": "CVE-2020-28469", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T021415" ] }, "release_date": "2022-05-24T22:00:00Z", "title": "CVE-2020-28469" }, { "cve": "CVE-2020-28498", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T021415" ] }, "release_date": "2022-05-24T22:00:00Z", "title": "CVE-2020-28498" }, { "cve": "CVE-2020-28500", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T021415" ] }, "release_date": "2022-05-24T22:00:00Z", "title": "CVE-2020-28500" }, { "cve": "CVE-2020-7793", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T021415" ] }, "release_date": "2022-05-24T22:00:00Z", "title": "CVE-2020-7793" }, { "cve": "CVE-2021-23337", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T021415" ] }, "release_date": "2022-05-24T22:00:00Z", "title": "CVE-2021-23337" }, { "cve": "CVE-2021-27292", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T021415" ] }, "release_date": "2022-05-24T22:00:00Z", "title": "CVE-2021-27292" }, { "cve": "CVE-2021-29060", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T021415" ] }, "release_date": "2022-05-24T22:00:00Z", "title": "CVE-2021-29060" }, { "cve": "CVE-2021-32803", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T021415" ] }, "release_date": "2022-05-24T22:00:00Z", "title": "CVE-2021-32803" }, { "cve": "CVE-2021-32804", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T021415" ] }, "release_date": "2022-05-24T22:00:00Z", "title": "CVE-2021-32804" }, { "cve": "CVE-2021-33502", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T021415" ] }, "release_date": "2022-05-24T22:00:00Z", "title": "CVE-2021-33502" }, { "cve": "CVE-2021-33623", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T021415" ] }, "release_date": "2022-05-24T22:00:00Z", "title": "CVE-2021-33623" }, { "cve": "CVE-2021-37701", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T021415" ] }, "release_date": "2022-05-24T22:00:00Z", "title": "CVE-2021-37701" }, { "cve": "CVE-2021-37712", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T021415" ] }, "release_date": "2022-05-24T22:00:00Z", "title": "CVE-2021-37712" }, { "cve": "CVE-2021-37713", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T021415" ] }, "release_date": "2022-05-24T22:00:00Z", "title": "CVE-2021-37713" }, { "cve": "CVE-2021-3807", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Die Schwachstellen bestehen in den Komponenten \"Node.js\", \"node-sass\" sowie \"UAParser.js\". Ein entfernter, anonymer oder lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren, Dateien manipulieren oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "T021415" ] }, "release_date": "2022-05-24T22:00:00Z", "title": "CVE-2021-3807" } ] }
wid-sec-w-2023-1350
Vulnerability from csaf_certbund
Published
2023-06-01 22:00
Modified
2024-02-15 23:00
Summary
Splunk Splunk Enterprise: Mehrere Schwachstellen in Komponenten von Drittanbietern
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Splunk Enterprise ermöglicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise in diversen Komponenten von Drittanbietern ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Splunk Enterprise erm\u00f6glicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise in diversen Komponenten von Drittanbietern ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows\n- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1350 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1350.json" }, { "category": "self", "summary": "WID-SEC-2023-1350 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1350" }, { "category": "external", "summary": "Splunk Enterprise Security Advisory SVD-2023-0613 vom 2023-06-01", "url": "https://advisory.splunk.com/advisories/SVD-2023-0613" }, { "category": "external", "summary": "IBM Security Bulletin 7008449 vom 2023-06-29", "url": "https://www.ibm.com/support/pages/node/7008449" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0196-1 vom 2024-01-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017743.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0487-1 vom 2024-02-15", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017931.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0486-1 vom 2024-02-15", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017932.html" } ], "source_lang": "en-US", "title": "Splunk Splunk Enterprise: Mehrere Schwachstellen in Komponenten von Drittanbietern", "tracking": { "current_release_date": "2024-02-15T23:00:00.000+00:00", "generator": { "date": "2024-02-16T09:06:57.360+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1350", "initial_release_date": "2023-06-01T22:00:00.000+00:00", "revision_history": [ { "date": "2023-06-01T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-06-29T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-01-23T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-02-15T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von SUSE aufgenommen" } ], "status": "final", "version": "4" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM DB2", "product": { "name": "IBM DB2", "product_id": "5104", "product_identification_helper": { "cpe": "cpe:/a:ibm:db2:-" } } } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c 8.1.14", "product": { "name": "Splunk Splunk Enterprise \u003c 8.1.14", "product_id": "T027935", "product_identification_helper": { "cpe": "cpe:/a:splunk:splunk:8.1.14" } } }, { "category": "product_version_range", "name": "\u003c 8.2.11", "product": { "name": "Splunk Splunk Enterprise \u003c 8.2.11", "product_id": "T027936", "product_identification_helper": { "cpe": "cpe:/a:splunk:splunk:8.2.11" } } }, { "category": "product_version_range", "name": "\u003c 9.0.5", "product": { "name": "Splunk Splunk Enterprise \u003c 9.0.5", "product_id": "T027937", "product_identification_helper": { "cpe": "cpe:/a:splunk:splunk:9.0.5" } } } ], "category": "product_name", "name": "Splunk Enterprise" } ], "category": "vendor", "name": "Splunk" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-27538", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27538" }, { "cve": "CVE-2023-27537", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27537" }, { "cve": "CVE-2023-27536", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27536" }, { "cve": "CVE-2023-27535", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27535" }, { "cve": "CVE-2023-27534", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27534" }, { "cve": "CVE-2023-27533", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-27533" }, { "cve": "CVE-2023-23916", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-23916" }, { "cve": "CVE-2023-23915", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-23915" }, { "cve": "CVE-2023-23914", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-23914" }, { "cve": "CVE-2023-1370", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-1370" }, { "cve": "CVE-2023-0286", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-0286" }, { "cve": "CVE-2023-0215", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2023-0215" }, { "cve": "CVE-2022-46175", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-46175" }, { "cve": "CVE-2022-43680", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-43680" }, { "cve": "CVE-2022-43552", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-43552" }, { "cve": "CVE-2022-43551", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-43551" }, { "cve": "CVE-2022-4304", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-4304" }, { "cve": "CVE-2022-42916", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-42916" }, { "cve": "CVE-2022-42915", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-42915" }, { "cve": "CVE-2022-42004", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-42004" }, { "cve": "CVE-2022-4200", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-4200" }, { "cve": "CVE-2022-41720", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-41720" }, { "cve": "CVE-2022-41716", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-41716" }, { "cve": "CVE-2022-41715", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-41715" }, { "cve": "CVE-2022-40304", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-40304" }, { "cve": "CVE-2022-40303", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-40303" }, { "cve": "CVE-2022-40023", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-40023" }, { "cve": "CVE-2022-38900", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-38900" }, { "cve": "CVE-2022-37616", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-37616" }, { "cve": "CVE-2022-37603", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-37603" }, { "cve": "CVE-2022-37601", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-37601" }, { "cve": "CVE-2022-37599", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-37599" }, { "cve": "CVE-2022-37434", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-37434" }, { "cve": "CVE-2022-36227", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-36227" }, { "cve": "CVE-2022-35737", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-35737" }, { "cve": "CVE-2022-35260", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-35260" }, { "cve": "CVE-2022-35252", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-35252" }, { "cve": "CVE-2022-3517", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-3517" }, { "cve": "CVE-2022-33987", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-33987" }, { "cve": "CVE-2022-32221", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32221" }, { "cve": "CVE-2022-32208", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32208" }, { "cve": "CVE-2022-32207", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32207" }, { "cve": "CVE-2022-32206", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32206" }, { "cve": "CVE-2022-32205", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32205" }, { "cve": "CVE-2022-32189", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32189" }, { "cve": "CVE-2022-32148", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-32148" }, { "cve": "CVE-2022-31129", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-31129" }, { "cve": "CVE-2022-30635", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30635" }, { "cve": "CVE-2022-30634", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30634" }, { "cve": "CVE-2022-30633", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30633" }, { "cve": "CVE-2022-30632", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30632" }, { "cve": "CVE-2022-30631", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30631" }, { "cve": "CVE-2022-30630", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30630" }, { "cve": "CVE-2022-30629", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30629" }, { "cve": "CVE-2022-30580", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30580" }, { "cve": "CVE-2022-30115", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-30115" }, { "cve": "CVE-2022-29804", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-29804" }, { "cve": "CVE-2022-29526", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-29526" }, { "cve": "CVE-2022-2880", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-2880" }, { "cve": "CVE-2022-2879", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-2879" }, { "cve": "CVE-2022-28327", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-28327" }, { "cve": "CVE-2022-28131", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-28131" }, { "cve": "CVE-2022-27782", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27782" }, { "cve": "CVE-2022-27781", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27781" }, { "cve": "CVE-2022-27780", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27780" }, { "cve": "CVE-2022-27779", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27779" }, { "cve": "CVE-2022-27778", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27778" }, { "cve": "CVE-2022-27776", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27776" }, { "cve": "CVE-2022-27775", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27775" }, { "cve": "CVE-2022-27774", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27774" }, { "cve": "CVE-2022-27664", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27664" }, { "cve": "CVE-2022-27191", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-27191" }, { "cve": "CVE-2022-25858", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-25858" }, { "cve": "CVE-2022-24999", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-24999" }, { "cve": "CVE-2022-24921", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-24921" }, { "cve": "CVE-2022-24675", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-24675" }, { "cve": "CVE-2022-23806", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-23806" }, { "cve": "CVE-2022-23773", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-23773" }, { "cve": "CVE-2022-23772", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-23772" }, { "cve": "CVE-2022-23491", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-23491" }, { "cve": "CVE-2022-22576", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-22576" }, { "cve": "CVE-2022-1962", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-1962" }, { "cve": "CVE-2022-1705", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2022-1705" }, { "cve": "CVE-2021-43565", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-43565" }, { "cve": "CVE-2021-3803", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-3803" }, { "cve": "CVE-2021-36976", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-36976" }, { "cve": "CVE-2021-3520", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-3520" }, { "cve": "CVE-2021-33587", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-33587" }, { "cve": "CVE-2021-33503", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-33503" }, { "cve": "CVE-2021-33502", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-33502" }, { "cve": "CVE-2021-31566", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-31566" }, { "cve": "CVE-2021-29060", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-29060" }, { "cve": "CVE-2021-27292", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-27292" }, { "cve": "CVE-2021-23382", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-23382" }, { "cve": "CVE-2021-23368", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-23368" }, { "cve": "CVE-2021-23343", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-23343" }, { "cve": "CVE-2021-22947", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22947" }, { "cve": "CVE-2021-22946", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22946" }, { "cve": "CVE-2021-22945", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22945" }, { "cve": "CVE-2021-22926", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22926" }, { "cve": "CVE-2021-22925", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22925" }, { "cve": "CVE-2021-22924", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22924" }, { "cve": "CVE-2021-22923", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22923" }, { "cve": "CVE-2021-22922", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22922" }, { "cve": "CVE-2021-22901", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22901" }, { "cve": "CVE-2021-22898", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22898" }, { "cve": "CVE-2021-22897", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22897" }, { "cve": "CVE-2021-22890", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22890" }, { "cve": "CVE-2021-22876", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-22876" }, { "cve": "CVE-2021-20095", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2021-20095" }, { "cve": "CVE-2020-8286", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8286" }, { "cve": "CVE-2020-8285", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8285" }, { "cve": "CVE-2020-8284", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8284" }, { "cve": "CVE-2020-8231", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8231" }, { "cve": "CVE-2020-8203", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8203" }, { "cve": "CVE-2020-8177", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8177" }, { "cve": "CVE-2020-8169", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8169" }, { "cve": "CVE-2020-8116", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-8116" }, { "cve": "CVE-2020-7774", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-7774" }, { "cve": "CVE-2020-7753", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-7753" }, { "cve": "CVE-2020-7662", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-7662" }, { "cve": "CVE-2020-28469", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-28469" }, { "cve": "CVE-2020-15138", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-15138" }, { "cve": "CVE-2020-13822", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2020-13822" }, { "cve": "CVE-2019-20149", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2019-20149" }, { "cve": "CVE-2019-10746", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2019-10746" }, { "cve": "CVE-2019-10744", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2019-10744" }, { "cve": "CVE-2018-25032", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2018-25032" }, { "cve": "CVE-2017-16042", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00Z", "title": "CVE-2017-16042" } ] }
wid-sec-w-2023-0856
Vulnerability from csaf_certbund
Published
2022-05-31 22:00
Modified
2023-04-04 22:00
Summary
IBM QRadar SIEM: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Linux
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0856 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-0856.json" }, { "category": "self", "summary": "WID-SEC-2023-0856 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0856" }, { "category": "external", "summary": "IBM Security Bulletin 6980799 vom 2023-04-04", "url": "https://www.ibm.com/support/pages/node/6980799" }, { "category": "external", "summary": "IBM Security Bulletin vom 2022-05-31", "url": "https://www.ibm.com/support/pages/node/6590981" } ], "source_lang": "en-US", "title": "IBM QRadar SIEM: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-04-04T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:22:15.406+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-0856", "initial_release_date": "2022-05-31T22:00:00.000+00:00", "revision_history": [ { "date": "2022-05-31T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-04-04T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von IBM aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM QRadar SIEM \u003c 3.0.1", "product": { "name": "IBM QRadar SIEM \u003c 3.0.1", "product_id": "T023376", "product_identification_helper": { "cpe": "cpe:/a:ibm:qradar_siem:3.0.1" } } } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-11655", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2020-11655" }, { "cve": "CVE-2020-11656", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2020-11656" }, { "cve": "CVE-2020-13434", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2020-13434" }, { "cve": "CVE-2020-13435", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2020-13435" }, { "cve": "CVE-2020-13630", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2020-13630" }, { "cve": "CVE-2020-13631", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2020-13631" }, { "cve": "CVE-2020-13632", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2020-13632" }, { "cve": "CVE-2020-15168", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2020-15168" }, { "cve": "CVE-2020-15358", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2020-15358" }, { "cve": "CVE-2020-28469", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2020-28469" }, { "cve": "CVE-2020-7788", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2020-7788" }, { "cve": "CVE-2020-9327", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2020-9327" }, { "cve": "CVE-2021-22918", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2021-22918" }, { "cve": "CVE-2021-22930", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2021-22930" }, { "cve": "CVE-2021-22931", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2021-22931" }, { "cve": "CVE-2021-22939", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2021-22939" }, { "cve": "CVE-2021-22940", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2021-22940" }, { "cve": "CVE-2021-23343", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2021-23343" }, { "cve": "CVE-2021-23362", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2021-23362" }, { "cve": "CVE-2021-27290", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2021-27290" }, { "cve": "CVE-2021-32803", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2021-32803" }, { "cve": "CVE-2021-32804", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2021-32804" }, { "cve": "CVE-2021-33502", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2021-33502" }, { "cve": "CVE-2021-3672", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2021-3672" }, { "cve": "CVE-2021-37701", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2021-37701" }, { "cve": "CVE-2021-37712", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2021-37712" }, { "cve": "CVE-2021-37713", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2021-37713" }, { "cve": "CVE-2021-3807", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2021-3807" }, { "cve": "CVE-2021-3918", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen im Zusammenhang mit bekannten Sicherheitsl\u00fccken in den Komponenten Node.js und SQLite. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden." } ], "release_date": "2022-05-31T22:00:00Z", "title": "CVE-2021-3918" } ] }
ghsa-px4h-xg32-q955
Vulnerability from github
Published
2021-06-08 23:11
Modified
2021-10-27 17:04
Severity ?
Summary
ReDoS in normalize-url
Details
The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs.
{ "affected": [ { "ecosystem_specific": { "affected_functions": [ "(normalize-url)" ] }, "package": { "ecosystem": "npm", "name": "normalize-url" }, "ranges": [ { "events": [ { "introduced": "4.3.0" }, { "fixed": "4.5.1" } ], "type": "ECOSYSTEM" } ] }, { "ecosystem_specific": { "affected_functions": [ "(normalize-url)" ] }, "package": { "ecosystem": "npm", "name": "normalize-url" }, "ranges": [ { "events": [ { "introduced": "5.0.0" }, { "fixed": "5.3.1" } ], "type": "ECOSYSTEM" } ] }, { "ecosystem_specific": { "affected_functions": [ "(normalize-url)" ] }, "package": { "ecosystem": "npm", "name": "normalize-url" }, "ranges": [ { "events": [ { "introduced": "6.0.0" }, { "fixed": "6.0.1" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2021-33502" ], "database_specific": { "cwe_ids": [ "CWE-400" ], "github_reviewed": true, "github_reviewed_at": "2021-05-28T17:56:25Z", "nvd_published_at": "2021-05-24T16:15:00Z", "severity": "HIGH" }, "details": "The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs.", "id": "GHSA-px4h-xg32-q955", "modified": "2021-10-27T17:04:15Z", "published": "2021-06-08T23:11:43Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33502" }, { "type": "WEB", "url": "https://github.com/sindresorhus/normalize-url/commit/b1fdb5120b6d27a88400d8800e67ff5a22bd2103" }, { "type": "PACKAGE", "url": "https://github.com/sindresorhus/normalize-url" }, { "type": "WEB", "url": "https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1" }, { "type": "WEB", "url": "https://security.netapp.com/advisory/ntap-20210706-0001" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ], "summary": "ReDoS in normalize-url" }
gsd-2021-33502
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2021-33502", "description": "The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs.", "id": "GSD-2021-33502", "references": [ "https://access.redhat.com/errata/RHSA-2022:0350", "https://access.redhat.com/errata/RHSA-2022:0246", "https://access.redhat.com/errata/RHSA-2021:5171", "https://access.redhat.com/errata/RHSA-2021:3016", "https://access.redhat.com/errata/RHSA-2021:2932", "https://access.redhat.com/errata/RHSA-2021:2931", "https://linux.oracle.com/cve/CVE-2021-33502.html", "https://access.redhat.com/errata/RHSA-2022:4711", "https://access.redhat.com/errata/RHSA-2022:6595" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2021-33502" ], "details": "The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs.", "id": "GSD-2021-33502", "modified": "2023-12-13T01:23:18.539343Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-33502", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1", "refsource": "CONFIRM", "url": "https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1" }, { "name": "https://security.netapp.com/advisory/ntap-20210706-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210706-0001/" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "\u003e=4.3.0 \u003c4.5.1||\u003e=5.0.0 \u003c5.3.1||=6.0.0", "affected_versions": "All versions starting from 4.3.0 before 4.5.1, all versions starting from 5.0.0 before 5.3.1, version 6.0.0", "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cwe_ids": [ "CWE-1035", "CWE-1333", "CWE-937" ], "date": "2023-08-08", "description": "The normalize-url package for Node.js has a ReDoS issue because it has exponential performance for data.", "fixed_versions": [ "4.5.1", "5.3.1", "6.0.1" ], "identifier": "CVE-2021-33502", "identifiers": [ "CVE-2021-33502" ], "not_impacted": "All versions before 4.3.0, all versions starting from 4.5.1 before 5.0.0, all versions starting from 5.3.1 before 6.0.0, all versions after 6.0.0", "package_slug": "npm/normalize-url", "pubdate": "2021-05-24", "solution": "Upgrade to versions 4.5.1, 5.3.1, 6.0.1 or above.", "title": "Unconrolled Resource Consumption", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2021-33502" ], "uuid": "5e35ac85-fe64-486a-8628-fe5de5adf60b" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:normalize-url_project:normalize-url:*:*:*:*:*:node.js:*:*", "cpe_name": [], "versionEndExcluding": "5.3.1", "versionStartIncluding": "5.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:normalize-url_project:normalize-url:*:*:*:*:*:node.js:*:*", "cpe_name": [], "versionEndExcluding": "4.5.1", "versionStartIncluding": "4.3.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:normalize-url_project:normalize-url:6.0.0:*:*:*:*:node.js:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-33502" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1", "refsource": "CONFIRM", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1" }, { "name": "https://security.netapp.com/advisory/ntap-20210706-0001/", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20210706-0001/" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } }, "lastModifiedDate": "2021-10-26T19:56Z", "publishedDate": "2021-05-24T16:15Z" } } }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.